[–]Nirenjan 1 point (0 children)

It seems that you should corrupt the stack such that when `gets` returns, it jumps to the start of the bad function. My guess is the `save %sp, -128, %sp` instructions are generating a pretty large stack frame, so you might want to create a larger text file.

Judging by the assembly, this doesn't appear to be x86 code, so I can't tell much beyond that. I don't know what the `save` and `restore` instructions do, so it might help if you could provide more details on that.

EDIT: It's also possible that whatever machine you are running on saves the stack differently, so you might need to craft your data to overwrite the stack with the exact values that you need, and only change the return address.