From cb147309f5b44ec6295ca4dbe4523e4d526bfcba Mon Sep 17 00:00:00 2001 From: Mihnea Gheorghe Date: Mon, 10 Nov 2025 23:09:44 +0200 Subject: [PATCH 1/2] data/bypassing-stack-protector: Fix canary overwrite --- .../solution/src/stack_protector.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/chapters/data/memory-security/drills/tasks/bypassing-stack-protector/solution/src/stack_protector.c b/chapters/data/memory-security/drills/tasks/bypassing-stack-protector/solution/src/stack_protector.c index f93b49b25b..1730f1f84d 100644 --- a/chapters/data/memory-security/drills/tasks/bypassing-stack-protector/solution/src/stack_protector.c +++ b/chapters/data/memory-security/drills/tasks/bypassing-stack-protector/solution/src/stack_protector.c @@ -19,12 +19,15 @@ void fun1(char *p) } printf("overwrite canary:\n"); - /* TODO 1: Add code that overwrites the canary. */ - addr[6] = 0; + /* TODO 1: Add code that overwrites the canary. + * Note: You should get a stack smashing detected error. + * Remove the overwrite after getting the error in order to proceed to the next step. + */ + addr[1] = 0; printf("overwrite return address:\n"); /* TODO 2: Add code that overwrites the return address with the address of pawned. */ - addr[7] = &pawned; + addr[3] = &pawned; (void) p; } From 9554467f478e286e0bc91ae36ccc076fb136d023 Mon Sep 17 00:00:00 2001 From: XXMA16 <81380344+XXMA16@users.noreply.github.com> Date: Mon, 10 Nov 2025 23:29:05 +0200 Subject: [PATCH 2/2] data/bypassing-stack-protector: Fix checkstyle - pleased linter --- .../bypassing-stack-protector/solution/src/stack_protector.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chapters/data/memory-security/drills/tasks/bypassing-stack-protector/solution/src/stack_protector.c b/chapters/data/memory-security/drills/tasks/bypassing-stack-protector/solution/src/stack_protector.c index 1730f1f84d..68b2e26f2c 100644 --- a/chapters/data/memory-security/drills/tasks/bypassing-stack-protector/solution/src/stack_protector.c +++ b/chapters/data/memory-security/drills/tasks/bypassing-stack-protector/solution/src/stack_protector.c @@ -22,7 +22,7 @@ void fun1(char *p) /* TODO 1: Add code that overwrites the canary. * Note: You should get a stack smashing detected error. * Remove the overwrite after getting the error in order to proceed to the next step. - */ + */ addr[1] = 0; printf("overwrite return address:\n");