Summary

This PR contains the fix for issue #55 in a manner that still retains the original focus on the buffer overflow problem whilst also introducing an another concept security through obscurity and it's associated vulnerability.

Changes

All files have been modified, since the API was altered to hide the low implementation details from users. In this case the user_account structure. There are numerous comments in the source code informing the learner about the content. The solution.c contains a detailed explanation why handing over raw structures to a user is a bad idea from a security standpoint.

Nonetheless, if the only security measure is about hiding implementation facts, then an attacker can reverse engineer the code and exploit vulnerabilities. This is emphasized in this new version of the code base. In this way, it would be even more understandable for a learner why checking input is indispensable in security engineering.

P.S. The hint.txt has been split into two files hint-1.txt and hint-2.txt each having one hint.

Closes:

• [Bug] Level 2 - Without proper information hiding security accidents cannot be prevented  #55

Task list

• For workflow changes, I have verified the Actions workflows function as expected.
• For content changes, I have reviewed the style guide.