#include #include #include

int foo$($char $*$str$)$

$\{$

char buffer$[100]$; $/*$ The following statement has a buffer overflow problem $*/$

strcpy$($buffer$,$ str$)$; return $1$;

$\}$

int main$($int argc, char $**$argv$)$

$\{$

char str$[400]$;

FILE $*$badfile;

badfile $=$ fopen$("$badfile$","$r$")$;

fread$($str$,$ sizeof$($char$),300,$ badfile$)$;

foo$($str$)$;

printf$("$Returned Properly

$")$;

return $1$;

$\}$

In the above given sample code expalin how you would perform a bufferoverflow

attack. Draw a detailed diagram of position of variables placed on the stack.

Finally also explain how canary based protection mechanism can be used as

defense.