This is a piece of code that takes 3 input parameters from the command line on startup (besides the app name, which makes it 4 parameters).

The code works like it should most of the time. Take a look at it, and I present the cases where it does not work after it:

Code:
#include <stdio.h>
#include <stdlib.h>   // atoi() is declared here

//----------------------------------------------------------------
// Source file for CMDCalculator.exe, a basic calculator.
// Use it by typing:
//     "calculator <ar op> <int> <int>" in the command prompt
// where <ar op> stands for arithmetic operation +, -, * and /
//----------------------------------------------------------------
int main(int argc, char *argv[]) {

    // Print the operator and both operands as received (argc is not checked)
    printf ("%s\n", argv[1]);
    printf ("%d\n", atoi(argv[2]));
    printf ("%d\n", atoi(argv[3]));
    return 0;
}
Case one: the following input makes the app crash. Mind the fact that the numbers could be any integer number:

Code:
CMDCalculator & 432 446
And the following input gives an unexpected output:

Code:
CMDCalculator * 432 446
output:

Code:
.git
0
0
Once again, the integer numbers do not seem to matter. Also if I put a character in front of either & or *, I get the expected outputs.

However, if I put a char after & I still get an error, and if I put a char after * (like *b) I get the name of a file in the current directory in case there is a file that ends with that char. For example:

For *b I get "keylogger.idb", for *c I get "better.c", for *e I get "better.exe", and so it goes on for the letters where there is a file whose name ends with the character following *. For the others I get the expected output.

Would someone like to explain why this happens? And how do you protect yourself against this? Cause I expect it can be used to make an exploit?
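
An added example, not part of the original post: the command line is processed before `main` runs (`&` is a command separator in cmd.exe, and `*` is expanded to matching file names by the shell or the C runtime start-up code), so the program has to validate `argc` and every argument before using them. The names `check_args`, `parse_int` and the error codes are chosen here for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { ARGS_OK = 0, ERR_COUNT, ERR_OPERATOR, ERR_NUMBER };

/* Strict integer parse: the whole string must be a number that fits in int. */
static int parse_int(const char *s, int *out) {
    char *end;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (end == s || *end != '\0' || errno == ERANGE || v < INT_MIN || v > INT_MAX)
        return -1;
    *out = (int)v;
    return 0;
}

/* Validate the arguments before any argv element is dereferenced. */
int check_args(int argc, char *argv[], char *op, int *a, int *b) {
    if (argc != 4)               /* 1 after "&" cuts the line, many after "*" expands */
        return ERR_COUNT;
    if (strlen(argv[1]) != 1 || strchr("+-*/", argv[1][0]) == NULL)
        return ERR_OPERATOR;     /* e.g. a file name produced by "*b" */
    if (parse_int(argv[2], a) != 0 || parse_int(argv[3], b) != 0)
        return ERR_NUMBER;       /* atoi() would silently return 0 here */
    *op = argv[1][0];
    return ARGS_OK;
}

int main(int argc, char *argv[]) {
    char op;
    int a, b;
    int rc = check_args(argc, argv, &op, &a, &b);
    if (rc != ARGS_OK) {
        fprintf(stderr, "usage: CMDCalculator <+|-|*|/> <int> <int> (error %d)\n", rc);
        return EXIT_FAILURE;
    }
    printf("%c\n%d\n%d\n", op, a, b);
    return EXIT_SUCCESS;
}
```

Quoting the operator on the command line (for example `"*"`) typically passes it through literally, but the program should still reject anything that is not exactly what it expects.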