jduck · March 28, 2015 03:49
diff --git a/crackaddr-mods.diff b/crackaddr-mods.diff
 --- crackaddr-bad.c.1	2011-08-25 14:37:47.000000000 -0500
 +++ crackaddr-bad.c	2015-03-27 22:42:59.956804489 -0500
 @@ -85,8 +85,11 @@
 #include <string.h>
 #include <ctype.h>
 
 +#include <unistd.h>
 +#include <fcntl.h>
 +
 /* ccured needs this */
 -#pragma ccuredvararg("scanf", printf(1))
 +//#pragma ccuredvararg("scanf", printf(1))
 
 /* macro substitution character */
 #define MACROEXPAND	((unsigned char)0201)	/* macro expansion */
 @@ -150,11 +153,13 @@
 	char *buflim;
 	char *bufhead;
 	char *addrhead;
 -	static char buf[MAXNAME + 1];
 -	static char test_buf[10]; /* will use as a canary to detect overflow */
 +    static struct __blah_stru {
 +	    char buf[MAXNAME + 1];
 +	    char test_buf[10]; /* will use as a canary to detect overflow */
 +    } x;
 	                          /* of buf[] */
 	
 -	strcpy(test_buf, "GOOD");
 +	strcpy(x.test_buf, "GOOD");
 	
         printf("Inside crackaddr!\n");
 
 @@ -169,9 +174,9 @@
 	*/
 
 
 -	bp = bufhead = buf;
 +	bp = bufhead = x.buf;
 	obp = bp;
 -	buflim = &buf[sizeof buf - 7];
 +	buflim = &x.buf[sizeof x.buf - 7];
 	p = addrhead = addr;
 	copylev = anglelev = realanglelev = cmtlev = realcmtlev = 0;
 	bracklev = 0;
 @@ -430,7 +435,7 @@
 			}
 			if (quoteit)
 			{
 -			  if (bp == &buf[1])
 +			  if (bp == &x.buf[1])
 				  bp--;
 				else
 				  /*BAD*/
 @@ -487,7 +492,7 @@
 		    *bp++ = 'g';
 		    putgmac = true;
 		  }
 -		printf("Buf = %s\n", buf);
 +		printf("Buf = %s\n", x.buf);
 	}
 	
 	/* repair any syntactic damage */
 @@ -504,27 +509,47 @@
 	*bp++ = '\0';
 	
 	printf("test_buf should equal GOOD\n");
 -	printf("test_buf = %s\n", test_buf);
 +	printf("test_buf = %s\n", x.test_buf);
 +    //if (strcmp(x.test_buf, "GOOD")) abort();
 
 -	return buf;
 +	return x.buf;
 }
 
 
 -int main(){
 -
 +int main(int argc, char *argv[])
 +{
   char address[100];
   char *res_addr;
 
 +  MustQuoteChars = "@,;:\\()[].'";
 +#ifdef ORIG
   printf("Type 1 or 0 to allow or disallow colons in email address:\n");
   scanf("%d", &ColonOkInAddr);  /* allow colon in address */
 -  MustQuoteChars = "@,;:\\()[].'";
 
   printf("Enter email address:\n");
   scanf("%99s", address);
 +#else
 +  char buf[101];
 +  ssize_t nr;
 +  int fd;
 +  
 +  fd = open(argv[1], O_RDONLY);
 +  if (fd == -1)
 +      return 1;
 +
 +  nr = read(fd, buf, sizeof(buf)-1);
 +  if (nr >= 0)
 +      buf[nr] = '\0';
 +
 +  if (buf[0] == '1')
 +      ColonOkInAddr = 1;
 +  
 +  strcpy(address, buf + 1);
 +#endif
   
   res_addr = crackaddr(address);
   printf("result = %s\n", res_addr);
 -  printf("buf len = %d\n", strlen(res_addr));
 +  printf("buf len = %zd\n", strlen(res_addr));
 
   return 0;
 }
	--- crackaddr-bad.c.1 2011-08-25 14:37:47.000000000 -0500
	+++ crackaddr-bad.c 2015-03-27 22:42:59.956804489 -0500
	@@ -85,8 +85,11 @@
	#include <string.h>
	#include <ctype.h>

	+#include <unistd.h>
	+#include <fcntl.h>
	+
	/* ccured needs this */
	-#pragma ccuredvararg("scanf", printf(1))
	+//#pragma ccuredvararg("scanf", printf(1))

	/* macro substitution character */
	#define MACROEXPAND ((unsigned char)0201) /* macro expansion */
	@@ -150,11 +153,13 @@
	char *buflim;
	char *bufhead;
	char *addrhead;
	- static char buf[MAXNAME + 1];
	- static char test_buf[10]; /* will use as a canary to detect overflow */
	+ static struct __blah_stru {
	+ char buf[MAXNAME + 1];
	+ char test_buf[10]; /* will use as a canary to detect overflow */
	+ } x;
	/* of buf[] */

	- strcpy(test_buf, "GOOD");
	+ strcpy(x.test_buf, "GOOD");

	printf("Inside crackaddr!\n");

	@@ -169,9 +174,9 @@
	*/


	- bp = bufhead = buf;
	+ bp = bufhead = x.buf;
	obp = bp;
	- buflim = &buf[sizeof buf - 7];
	+ buflim = &x.buf[sizeof x.buf - 7];
	p = addrhead = addr;
	copylev = anglelev = realanglelev = cmtlev = realcmtlev = 0;
	bracklev = 0;
	@@ -430,7 +435,7 @@
	}
	if (quoteit)
	{
	- if (bp == &buf[1])
	+ if (bp == &x.buf[1])
	bp--;
	else
	/BAD/
	@@ -487,7 +492,7 @@
	*bp++ = 'g';
	putgmac = true;
	}
	- printf("Buf = %s\n", buf);
	+ printf("Buf = %s\n", x.buf);
	}

	/* repair any syntactic damage */
	@@ -504,27 +509,47 @@
	*bp++ = '\0';

	printf("test_buf should equal GOOD\n");
	- printf("test_buf = %s\n", test_buf);
	+ printf("test_buf = %s\n", x.test_buf);
	+ //if (strcmp(x.test_buf, "GOOD")) abort();

	- return buf;
	+ return x.buf;
	}


	-int main(){
	-
	+int main(int argc, char *argv[])
	+{
	char address[100];
	char *res_addr;

	+ MustQuoteChars = "@,;:\\()[].'";
	+#ifdef ORIG
	printf("Type 1 or 0 to allow or disallow colons in email address:\n");
	scanf("%d", &ColonOkInAddr); /* allow colon in address */
	- MustQuoteChars = "@,;:\\()[].'";

	printf("Enter email address:\n");
	scanf("%99s", address);
	+#else
	+ char buf[101];
	+ ssize_t nr;
	+ int fd;
	+
	+ fd = open(argv[1], O_RDONLY);
	+ if (fd == -1)
	+ return 1;
	+
	+ nr = read(fd, buf, sizeof(buf)-1);
	+ if (nr >= 0)
	+ buf[nr] = '\0';
	+
	+ if (buf[0] == '1')
	+ ColonOkInAddr = 1;
	+
	+ strcpy(address, buf + 1);
	+#endif

	res_addr = crackaddr(address);
	printf("result = %s\n", res_addr);
	- printf("buf len = %d\n", strlen(res_addr));
	+ printf("buf len = %zd\n", strlen(res_addr));

	return 0;
	}