what does this mean
Code:ch = getch();
while(ch !='\r')
{
pass[i]=ch;
printf("*");
i++;
ch = getch();
}
Printable View
what does this mean
Code:ch = getch();
while(ch !='\r')
{
pass[i]=ch;
printf("*");
i++;
ch = getch();
}
gets a char from input buffer, as long as its not a '\r' character it stores that character in an array and then prints * to the screen, increments index, and gets another char. It keeps going until the user enters '\r'.
It means someone doesn't know how to indent properly.
Was it written by Pablo Picasso?
pass Array can't be unlimited.
You store until \r but what about reading a paragraph with 1000 letters ?
Is your array ready to store ?
Yes, okay, a buffer overflow is a possibility here, there should be some sort of limiting condition on the loop. However, this code is clearly intended to mask a password as it's being entered. I doubt anyone will enter a password more than, say, 20 chars long.Quote:
Originally Posted by ch4
QuantumPete
Famous last words before an attacker exploits a buffer overflow vulnerability? :DQuote:
Originally Posted by QuantumPete
Indeed.
:P Indeed! Which is why I suggested a limiting condition on the loop. check that the char != 'r' and i < 20 or something.Quote:
Originally Posted by laserlight
QuantumPete