1) Can you find where the canary variables are stored?

Yes. We accomplished using printf with %p and &canaryA and &canaryB.

eg 1) canaryA is at 0x7ffcfab7c218 and canaryB is at 0x7ffcfab7c21c

2) Can you work out and where and how gcc stores information in the frame for this function?

As shown above when run multiple times gcc will set aside memory in a stack above already used memory.

3) [Does/How much does] the location of variables change if you run your program multiple times?

Yes the location changes. As seen in the above example the difference is 1229135396 between the two memory stores.

4) What is the effect on the on the location of the variables of using/not using the -O flag when compiling with gcc?

If compiled with the overflow error still in the code, the program will not compile if -O is included due to gcc picking up the error. However if the overflow is omitted, then the program will compile and uses less space overall in memory.

5) What else can you discover?

When the array overflows, if there are any left over values stored in memory, it will retrieve these values and assign them to the array.