:: Re: [DNG] Systemd Shims
トップ ページ
このメッセージを削除
このメッセージに返信
著者: Rainer Weikusat
日付:  
To: dng
題目: Re: [DNG] Systemd Shims
Rainer Weikusat <rainerweikusat@???> writes:

> Edward Bartolo <edbarx@???> writes:
>> I am not assuming anything and understand the risks of buffer
>> overflows. The first step I am taking is to make the code function.
>> The second step is further debug it until it behaves properly and the
>> third step is to correct any potential security issues.
>
> Realistically, the first step is 'make the code function', the second
> step is 'graduate from university based on your thesis' and the 3rd was
> called 'heartbleed', IOW, that's not going to happen in this way. If
> you're doing string processing in C, try to do it correctly from the
> start. That's much easier than retrofitting proper length/ size handling onto
> some working code.


Example program showing a safe/ secure (and somewhat simplified)
saveFile:

--------
#include <alloca.h>
#include <stdio.h>
#include <string.h>

#define IFACE_TMPL \
    "auto lo\n" \
    "iface lo inet loopback\n\n" \
    "iface wlan0 inet dhcp\n" \
    "    wpa-ssid %s\n" \
    "    wpa-psk \"%s\"\n"


#define IFACES_PATH "/tmp"

static void saveFile(char* essid, char* pw) //argv[1], argv[2]
{
    char *path;
    FILE *fp;
    unsigned p_len, e_len;


    p_len = strlen(IFACES_PATH);
    e_len = strlen(essid);
    path = alloca(p_len + e_len + 2);

    
    strcpy(path, IFACES_PATH);
    path[p_len] = '/';
    strcpy(path + p_len + 1, essid);

    
    fp = fopen(path, "ab+");
    fprintf(fp, IFACE_TMPL, essid, pw);
    fclose(fp);
}


int main(int argc, char **argv)
{
    saveFile(argv[1], argv[2]);
    return 0;
}