Thread: Examine Code

  1. #1
    Registered User
    Join Date
    May 2012
    Posts
    12

    Examine Code

    I am good at coding and stuff, so can anyone please help me find 1) some vulnerability of class/type, 2) the exact cause of the problem, 3) how to fix the code to mitigate the vulnerability?
    Code:
    int get_stuff()
    { int ran1, ran2;
    char stuff[64];
    ran2 = ran1 = rand(); /* get a random number */
    gets(stuff);
    if (ran1 != ran2)
    exit(); /* something wrong */
    else
    /* proceed */
    }

  2. #2
    Salem
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,659
    If you're "good at coding", then you should really know about the gets() flaws already, and how to fix them.

    Or at least be able to read about it in pretty much any C programming FAQ around the net.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  3. #3
    Registered User
    Join Date
    May 2012
    Posts
    12
    @salem - sorry, that's my typo mistake, I meant to say I'm not good at programming. Can you help me with this code?

  4. #4
    Registered User
    Join Date
    May 2009
    Posts
    4,183
    "...a computer is a stupid machine with the ability to do incredibly smart things, while computer programmers are smart people with the ability to do incredibly stupid things. They are, in short, a perfect match..." Bill Bryson

  5. #5
    Technical Lead QuantumPete
    Join Date
    Aug 2007
    Location
    London, UK
    Posts
    894
    1) "get_stuff" is a terrible function name
    2) variables should be declared on their own lines
    3) variables should be initialised
    4) Nothing should go on the same line after a curly brace
    5) As mentioned gets is a big no-no
    6) You're using C++ style comments
    7) Always use braces with if statements
    8) Don't exit from functions, especially when they have a return variable
    9) Always return something unconditionally from a function that has a return value
    10) Indent your code properly
    "No-one else has reported this problem, you're either crazy or a liar" - Dogbert Technical Support
    "Have you tried turning it off and on again?" - The IT Crowd
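
A bounded replacement for the gets() call discussed in this thread, as an added example that is not code from any of the posters. The helper read_line(), the STUFF_SIZE constant, the FILE * parameter and the -1/-2 return codes are names and conventions assumed for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define STUFF_SIZE 64 /* same capacity as stuff[] in the posted code */

/*
 * Read one line from fp into buf, never writing more than size bytes.
 * Returns the stored length, -1 on EOF/error with nothing read, or -2
 * when the line did not fit (buf keeps the first size-1 characters).
 */
int read_line(FILE *fp, char *buf, size_t size)
{
    size_t len;
    int ch;
    int overflowed = 0;

    if (buf == NULL || size < 2)
        return -1;
    if (fgets(buf, (int)size, fp) == NULL) {
        buf[0] = '\0';
        return -1;
    }
    len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0'; /* strip the newline, as gets() would */
        return (int)(len - 1);
    }
    /* No newline stored: drain the rest so the next read starts on a new line. */
    while ((ch = fgetc(fp)) != '\n' && ch != EOF)
        overflowed = 1;
    return overflowed ? -2 : (int)len;
}

/* Bounded counterpart of get_stuff(): the caller decides what to do on failure. */
int get_stuff(FILE *fp)
{
    char stuff[STUFF_SIZE];
    int n = read_line(fp, stuff, sizeof stuff);
    if (n < 0)
        return n; /* report the problem instead of calling exit() */
    /* proceed: stuff holds n characters plus the terminating NUL */
    return n;
}

int main(void)
{
    return get_stuff(stdin) < 0; /* exit status 1 on EOF or overlong line */
}
```

The ran1 != ran2 comparison from the posted code is left out: once gets() has written past stuff[] the behaviour is undefined, so that check cannot be relied on to notice it, whereas bounding the read removes the overflow itself.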
