library function is preferred over strncpy which does not null-terminate the destination buffer if the source string's length is greater than or equal to the size of the buffer (the third argument passed to the function). Therefore a may not be null-terminated and cannot be treated as a valid C-style string.

Exploitation

The techniques to exploit a buffer overflow vulnerability vary by architecture,

1.Previous
3.Next