Urgent help please with C code

This is a discussion on Urgent help please with C code within the C Programming forums, part of the General Programming Boards category; Im pretty bad at programming. Have an exam in a few hours and need to understand whats happening here. Examine ...

  1. #1
    Registered User
    Join Date
    Jun 2012
    Posts
    3

    Urgent help please with C code

    Im pretty bad at programming. Have an exam in a few hours and need to understand whats happening here.

    Examine the code fragments below and report on three key items: a) the class/type of the vulnerability; b) the exact cause of the problem; and c) the code fix to be put in place to mitigate the vulnerability.

    Code:
    int grab_request (char buf[], int buf_len)
    {
    int i;
         for (i=0; i< buf_len; i++) {
              /* put things into buf */
         }
    
    buf[i] = \0;
    return i;
    }

  2. #2
    Registered User
    Join Date
    Jun 2011
    Posts
    2,434
    Are you going to give us your thoughts on what the answers might be, or are you just waiting for the answers to be handed out?

  3. #3
    Registered User
    Join Date
    Jun 2012
    Posts
    3
    the honest truth is i am confused. this is the answer i tried to give my lecturer. the marks havent come bac as yet so am not sure but i have an exam tomorrow.

    Code #/Type Type of Vulnerability
    Exact cause/Problem Mitigation
    5/C Buffer overflow - If buf[] size is buf_len you will be accessing your array out of bounds when you try to insert the end of string character into the string at buf[i] = ‘\0’;. Because when you reach this point i will be equal to buf_len.
    Defining the size of buf_len as a constant would help to know the size of the buf_lenwould greatly help.

    #define BUF_LEN 48

    So that at the for loop it can appear like this

    for (int i=0; i < 48; i++)

    with the 48 replacing the buf_len or even leaving buf_len as is but defined.

  4. #4
    Registered User
    Join Date
    Jun 2011
    Posts
    2,434
    You seem to have a decent understanding of the scenario, based on the "type of vulnerability" and "exact cause/problem." But the "mitigation" doesn't seem quite right - that's where you should focus.

    Perhaps a read-up on strings will show you the right way to correct the "problem" in the original code.

  5. #5
    Registered User
    Join Date
    Jun 2012
    Posts
    3
    how about this

    Code:
    function foo(char * param) {
       char local[100];
    /* do stuff */
    strncpy(local, param, strlen(param));
    /* do more stuff */
    }
    1.Type of Vulnerability:Buffer Overflow. strncpy insecure

    2.Cause of Problem: strncpy doesn't automatically null-terminate the string being copied into.

    3.Code Fix: To safely use strncpy, one must either (1) manually stick a null character onto the result buffer, (2) know that the buffer ends with a null beforehand, and pass (length-1) to strncpy, or (3) know that the buffer will never be copied using any method that won't bound its length to the buffer length.

  6. #6
    Registered User claudiu's Avatar
    Join Date
    Feb 2010
    Location
    London, United Kingdom
    Posts
    2,094
    Think about it like this, what is the value of i when you do buf[i] = '\0' ?
    1. Get rid of gets(). Never ever ever use it again. Replace it with fgets() and use that instead.
    2. Get rid of void main and replace it with int main(void) and return 0 at the end of the function.
    3. Get rid of conio.h and other antiquated DOS crap headers.
    4. Don't cast the return value of malloc, even if you always always always make sure that stdlib.h is included.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. could you help with me C code?thanks,a little urgent.
    By hth373737 in forum C Programming
    Replies: 50
    Last Post: 11-24-2008, 06:12 AM
  2. Urgent help in code...
    By alvifarooq in forum C++ Programming
    Replies: 1
    Last Post: 11-07-2004, 06:40 AM
  3. [URGENT]Please help again...
    By Th3-SeA in forum C Programming
    Replies: 3
    Last Post: 09-30-2003, 12:59 PM
  4. [URGENT]Please Help ~
    By Th3-SeA in forum C Programming
    Replies: 3
    Last Post: 09-30-2003, 12:58 PM
  5. Urgent: c code to explore zip/war/ear/jar files
    By chinnu in forum C Programming
    Replies: 1
    Last Post: 09-02-2003, 03:09 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21