Overflow over scanf(“%8s”, string)?

Question

I know it\'s possible to overflow ordinary code:

char string[9];

scanf(\"%s\", string).

But is it possible to overflow scanf(\"%8s\

Answer 1

As ysth pointed out, the array should be able to contain the string and the terminating null-character, so using an 8-byte array (especially if it's allocated on the stack, as it is in your code) is very likely to mess it up.