Thread: sprintf() problem!

  1. #1
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13

    sprintf() problem!

    Hi everyone!

    I wrote this code but it doesn't seem to work!
    Code:
    //number of words to search for the file given by the user:
    buffer=argv[2];// the given file
    char *temp2=(char*)malloc(100);
    
    sprintf(temp2,"wc -w %s >wc.txt",buffer);//redirect output to file: wc.txt
    
    system((char *)temp2);
    Can anyone tell me why sprintf() stops at %s and doesn't take the >wc.txt?

    Thank you!

    (Sorry for my bad English!)

  2. #2
    Salem (and the hat of int overfl)
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,661
    Is your argv[2] really valid?

    What did you type to run this program?
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  3. #3
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13
    Yes, argv[2] is valid.

    The program seems to stop at the ">" character,
    so it can't redirect output to the specified file.

  4. #4
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13
    To run it I type: ./prog 10 file.txt

  5. #5
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13
    The code above is only a part of main().

  6. #6
    Registered User
    Join Date
    Nov 2010
    Location
    Long Beach, CA
    Posts
    5,909
    Hmm...that section of code looks fine to me. As a matter of fact, I just ran your code (with minor additions to make a complete program) and it works fine. Can we please get a full code listing and a description of how you determined that it is only getting to the ">".

    Code:
    #include <stdio.h>
    #include <stdlib.h>
    
    int main(int argc, char *argv[])
    {
        char    *buffer;
    
        buffer=argv[2];// the given file
        char *temp2=(char*)malloc(100);
    
        sprintf(temp2,"wc -w %s >wc.txt",buffer);//redirect output to file: wc.txt
        printf("%s\n", temp2);
    
        system((char *)temp2);
    
        free(temp2);
    
        return 0;
    }
    I get a file called wc.txt with the correct word count in it.

  7. #7
    Salem (and the hat of int overfl)
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,661
    > this code above is only a part of main()
    Well if you've removed a whole bunch of code and only posted where the problem "showed itself", then you've probably just deleted where the problem actually is.

    As anduril462 has shown, there is nothing wrong with the snippet you posted within itself.

    As soon as you use malloc (or more correctly, as soon as you mis-use malloc), bugs split into two parts
    - the part where the problem really is
    - the part where the problem shows up.
    Newbies focus all their attention on the second part, and post snippets of code around the second part.

    How To Ask Questions The Smart Way
    Try to produce a small and COMPLETE example which still fails.
    That means, remove stuff from your program and make sure the bug is still there when you test.

    Along the way, the problem will disappear. You might even find the problem yourself whilst doing this.

    But if you get to a small program which still has the problem, and you're still stuck, then feel free to post it

  8. #8
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13
    OK!
    In fact the file is not an argument (I said that so as not to confuse you). I read the file name from a TCP socket().

    The server runs normally and makes wc.txt, but nothing is saved inside.

    Here is my server code:

    Code:
    
    #include <stdio.h>
    #include <string.h>     // strcpy()
    #include <strings.h>    // bzero()
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <sys/stat.h>
    #include <sys/wait.h>   // wait()
    #include <netinet/in.h>
    #include <stdlib.h>
    #include <sys/resource.h>
    #include <unistd.h>
    
    // communicates with each client...
    void dostuff(int);
    // print errors....
    void error(char *msg)
    {
        perror(msg);
        exit(1);
    }
    
    int main(void)
    {
         int sockfd, newsockfd, portno, pid;
         socklen_t clilen;   // accept() takes a socklen_t *, not an int *
         struct sockaddr_in cli_addr,serv_addr;
    
    // make socket 
         sockfd = socket(AF_INET, SOCK_STREAM, 0);
         if (sockfd < 0) 
            error("ERROR opening socket");
    // zero the server address structure
         bzero((char *) &serv_addr, sizeof(serv_addr));
    
         portno=atoi("50006");
    
         serv_addr.sin_family = AF_INET;
         serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
         serv_addr.sin_port = htons(portno);
    
    //bind for requests 
         if (bind(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) 
                  error("ERROR on binding");
    // call listen() 
         listen(sockfd,5);
    
         clilen = sizeof(cli_addr);
    // accept every request that arrives on port 50006 and fork a child to serve it
    
    // while loop run continuously ---server never stops
    
         while (1) {
             newsockfd = accept(sockfd, (struct sockaddr *) &cli_addr, &clilen);
             if (newsockfd < 0) 
                 error("ERROR on accept");
    
             pid = fork();
             if (pid < 0)
                 error("ERROR on fork");
    // in child proc ,call function do stuff
             if (pid == 0)  {
                 close(sockfd);
                 dostuff(newsockfd);
                 exit(0);
             }
             else{
    		wait(0);
    		 close(newsockfd);
    		}
    		
         } /* end of while */
         return 0; /* we never get here */
    }
    
    
    void dostuff (int sock)
    {
       int n;
       char buffer[256];
       char message[256];
          
       bzero(buffer,256);
    // read from socket 
       n = read(sock,buffer,255);
       if (n < 0) error("ERROR reading from socket"); 
       printf("Here is the message: %s (from client) \n",buffer);
    
    
       //check if given file exists...
       char *temp=(char*)malloc(100);
       sprintf(temp,"ls %s",buffer);
    
       if(system((char *)temp)!=0){
    	strcpy(message,"no such file or directory");
    	free(temp);
    		if (write(sock,message,sizeof(message))< 0) error("ERROR writing to socket");
       }
      free(temp);
      
    
       //count number of words in given file
       char *temp2=(char*)malloc(200);
    
      sprintf(temp2,"wc -w %s >wc.txt",buffer);//redirect output to wc.txt
      system((char *)temp2);
    
      free(temp2);
    
    
       
    }

  9. #9
    Salem (and the hat of int overfl)
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,661
    Some points.
    1. All your (char*) casts are unnecessary.

    2. You ignore the second return result of system()
    How do you know whether it is working or not?

    > sprintf(temp2,"wc -w %s >wc.txt",buffer);
    Try something like
    sprintf(temp2,"wc -w %s >wc.txt 2>wc.err",buffer);


    > char *temp=(char*)malloc(100);
    Given the size of the allocation (and the intended scope), you would have been better off doing
    char temp[100];

    At least then you wouldn't try to free it twice.

    One final thing, what output DO you actually see?

    > printf("Here is the message: %s (from client) \n",buffer);
    If you wrote
    printf("Here is the message: ++%s++ (from client) \n",buffer);
    you would be able to see if there were anything wrong with the message received.
    Any funny characters, newlines perhaps?

  10. #10
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13
    Dear Salem,
    the terminal prints:

    Code:
    Here is the message: ++file.txt
    ++ (from client) 
    file.txt
    135 file.txt
    135 file.txt shouldn't be printed.

  11. #11
    Registered User
    Join Date
    Oct 2008
    Posts
    1,262
    I haven't read your code (I might now if I still have enough time), but this is EXTREMELY insecure, if the filename is read over a socket. Imagine someone sending the following filename:
    Code:
    a; rm -rf /
    The command would be:
    Code:
    wc -w a; rm -rf / >wc.txt
    Guess what? You can execute ANY command on the server you like. So, basically, you give them access to anything the program has access to.
    Admittedly, that's not the only vulnerability, but definitely the easiest one to exploit.

    @gcreator: There you are, then. The newline after the end of filename shouldn't be there.
    Last edited by EVOEx; 11-13-2010 at 09:42 AM.
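
Added example (not code from any poster in this thread): one way to handle both points raised in post #11, stripping the trailing newline and keeping the socket-supplied name away from a shell by running wc through fork/exec instead of system(). The function names, the allowlist and the 0600 output mode are assumptions made for this example.

```c
#include <ctype.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Strip trailing CR/LF, then accept only letters, digits, '.', '_', '-' with no
 * leading '-' or '.' (this example's allowlist). Returns 0 if usable, else -1. */
int clean_filename(char *name)
{
    size_t len = strlen(name);
    while (len > 0 && (name[len - 1] == '\n' || name[len - 1] == '\r'))
        name[--len] = '\0';              /* "file.txt\n" -> "file.txt" */
    if (len == 0 || name[0] == '-' || name[0] == '.')
        return -1;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (!isalnum(c) && c != '.' && c != '_' && c != '-')
            return -1;                   /* ';', '/', ' ', '>', newline ... */
    }
    return 0;
}

/* Run "wc -w -- name" with stdout sent to out_path; no shell ever parses name.
 * Returns wc's exit status, or -1 if the child did not start or exit normally. */
int run_wc(const char *name, const char *out_path)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        int fd = open(out_path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
        if (fd < 0 || dup2(fd, STDOUT_FILENO) < 0)
            _exit(126);
        execlp("wc", "wc", "-w", "--", name, (char *)NULL);
        _exit(127);                      /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    char msg[] = "file.txt\n";           /* constructed sample input */
    if (clean_filename(msg) != 0) { puts("rejected"); return 1; }
    return run_wc(msg, "wc.txt");
}
```

Because the name reaches wc as one argv element, characters such as `;` or `>` would have no shell meaning even if the allowlist were loosened; the allowlist additionally keeps path separators and option-like names out.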

  12. #12
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13
    sprintf(temp2,"wc -w %s >wc.txt 2>wc.err",buffer) ---> makes 2 files (wc.txt and wc.err) but both of them are empty ....

  13. #13
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13
    You are right!
    But this program is for a university project (2 files: server.c and client.c, running on the same machine as 2 different processes and communicating via sockets).

    In conclusion: in my code above, if everything were okay, it should not print anything about the results of the wc command (135 file.txt) because of the redirection.
    If I write e.g. "wc -w something.txt" in the terminal, it prints "135 something.txt", but if I redirect the output to another file, it goes to the specified file and nothing goes to the terminal.

  14. #14
    Salem (and the hat of int overfl)
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,661
    So have you figured out yet why you're seeing this

    Here is the message: ++file.txt
    ++ (from client)


    and not this

    Here is the message: ++file.txt++ (from client)

  15. #15
    Registered User
    Join Date
    Nov 2010
    Location
    greece
    Posts
    13
    not at all!!!!!!
