Rainer Weikusat <[email protected]> writes:
> Edward Bartolo <[email protected]> writes:
>> I am not assuming anything and understand the risks of buffer
>> overflows. The first step I am taking is to make the code function.
>> The second step is further debug it until it behaves properly and the
>> third step is to correct any potential security issues.
>
> Realistically, the first step is 'make the code function', the second
> step is 'graduate from university based on your thesis' and the 3rd was
> called 'heartbleed', IOW, that's not going to happen in this way. If
> you're doing string processing in C, try to do it correctly from the
> start. That's much easier than retrofitting proper length/ size handling onto
> some working code.
Example program showing a safe/ secure (and somewhat simplified)
saveFile:
--------
#include <alloca.h>
#include <stdio.h>
#include <string.h>
#define IFACE_TMPL \
"auto lo\n" \
"iface lo inet loopback\n\n" \
"iface wlan0 inet dhcp\n" \
" wpa-ssid %s\n" \
" wpa-psk \"%s\"\n"
#define IFACES_PATH "/tmp"
static void saveFile(char* essid, char* pw) //argv[1], argv[2]
{
char *path;
FILE *fp;
unsigned p_len, e_len;
p_len = strlen(IFACES_PATH);
e_len = strlen(essid);
path = alloca(p_len + e_len + 2);
strcpy(path, IFACES_PATH);
path[p_len] = '/';
strcpy(path + p_len + 1, essid);
fp = fopen(path, "ab+");
fprintf(fp, IFACE_TMPL, essid, pw);
fclose(fp);
}
int main(int argc, char **argv)
{
saveFile(argv[1], argv[2]);
return 0;
}
_______________________________________________
Dng mailing list
[email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
