cybersecurity · intermediate · ~15 min · safe pentest lab
Write a tiny static-analysis pass for high-risk APIs.
Implement int count_dangerous_calls(const char *source) that returns the number of occurrences of any of the following identifiers as function calls in the source: strcpy, strcat, sprintf, gets, system. Match the identifier followed by ( (allowing whitespace) so substrings like mystrcpy( don't trigger.
#include <stdio.h>
#include <string.h>
#include <ctype.h>
int count_dangerous_calls(const char *source) {
/* TODO */
return 0;
}
Solve this exercise in the browser editor — compile and run against the test harness, no setup required.