Does this server is vuln. to buffer overflow?
Hi!
I'm learning about buffer overflows! I writted a simple server, so I can see how remote buffer overflows work, but there is a problem! When recv(); recives data, the third recv(); argument specifies how much data it will recive, just like strncpy(); - how much data will be copied! Does this server is vuln. to buffer overflow's if I don't use strcpy();?
Code:
#include <stdlib.h>
#include <sys/socket.h>
#include <netinet/in.h>
int main(){
char buffer[10];
struct sockaddr_in server;
int addr_len, sock, sock_fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
server.sin_family = AF_INET;
server.sin_port = htons(100);
server.sin_addr.s_addr = INADDR_ANY;
bind(sock_fd, (struct sockaddr*)&server, sizeof(server));
listen(sock_fd, 10);
while(1){
addr_len = sizeof(server);
sock = accept(sock_fd, (struct sockaddr*)&server, &addr_len);
while(1){
recv(sock, buffer, sizeof(buffer), 0);
if(strncmp("quit", buffer, 4) == 0){
close(sock);
break;
}
}
}
return 0;
}
Thank you!