Created
December 2, 2022 20:13
-
-
Save cxxr/ae96e9d04218fac4f10cac38f274e774 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Here is some C code. Does this code have any vulnerabilities? | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #define BUFFERSIZE 200 | |
| #define TRUE 1 | |
| #define FALSE 0 | |
| int copy_it( char * input ) | |
| { | |
| char localbuf[ BUFFERSIZE ]; | |
| char c, *p = input, *d = &localbuf[0]; | |
| char *upperlimit = &localbuf[ BUFFERSIZE-10 ]; | |
| int quotation = FALSE; | |
| int roundquote = FALSE; | |
| memset( localbuf, 0, BUFFERSIZE ); | |
| while( (c = *p++) != '\0' ){ | |
| if(( c == '<' ) && (!quotation)){ | |
| quotation = TRUE; | |
| upperlimit--;} | |
| if(( c == '>' ) && (quotation)){ | |
| quotation = FALSE; | |
| upperlimit++;} | |
| if(( c == '(' ) && ( !quotation ) && !roundquote){ | |
| roundquote = TRUE; | |
| /*upperlimit--;*/} | |
| if(( c == ')' ) && ( !quotation ) && roundquote){ | |
| roundquote = FALSE; | |
| upperlimit++;} | |
| // If there is sufficient space in the buffer, write the character. | |
| if( d < upperlimit ) | |
| *d++ = c; | |
| } | |
| if( roundquote ) | |
| *d++ = ')'; | |
| if( quotation ) | |
| *d++ = '>'; | |
| printf("%d: %s\n", (int)strlen(localbuf), localbuf); | |
| } | |
| int main( int argc, char **argv ){ | |
| if( argc > 1 ) | |
| copy_it( argv[1] ); | |
| else | |
| printf("Please supply a command line argument.\n"); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment