safety and C

Discussion in 'C Programming' started by RoSsIaCrIiLoIA, Apr 14, 2004.

  1. I'm reading a book on safety.
    Do you know that?
    printf("Use:> %s prog\n", argv[0] );
    or
    printf("Use:> %s prog\n", str_in_input);
    is danger.
    If str_in_input=" %x " this would print the return address of printf.
    If str_in_input=" %x%x%x%x%x%x%x%x%x%x%x%x%x " it could see the stack.
    and what If in the stack there is a pointer to a string password?
    RoSsIaCrIiLoIA, Apr 14, 2004
    #1
    1. Advertising

  2. RoSsIaCrIiLoIA wrote:

    > I'm reading a book on safety.
    > Do you know that?
    > printf("Use:> %s prog\n", argv[0] );
    > or
    > printf("Use:> %s prog\n", str_in_input);
    > is danger.
    > If str_in_input=" %x " this would print the return address of printf.


    It will print "Use:> %x prog\n"

    > If str_in_input=" %x%x%x%x%x%x%x%x%x%x%x%x%x " it could see the stack.


    It will print "Use:> %x%x%x%x%x%x%x%x%x%x%x%x%x prog\n"

    > and what If in the stack there is a pointer to a string password?


    Nope it cannot, above is perfectly safe.

    -- Thomas.
    Thomas stegen, Apr 14, 2004
    #2
    1. Advertising

  3. RoSsIaCrIiLoIA wrote:

    > I'm reading a book on safety.
    > Do you know that?
    > printf("Use:> %s prog\n", argv[0] );
    > or
    > printf("Use:> %s prog\n", str_in_input);
    > is danger.
    > If str_in_input=" %x " this would print the return address of printf.
    > If str_in_input=" %x%x%x%x%x%x%x%x%x%x%x%x%x " it could see the stack.
    > and what If in the stack there is a pointer to a string password?


    Where are you getting this crap? See the program below and its output:

    #include <stdio.h>
    int main(void)
    {
    char *str_in_input;
    printf("[output]\n");
    str_in_input = " %x ";
    printf("Use:> %s prog\n", str_in_input);
    str_in_input = " %x%x%x%x%x%x%x%x%x%x%x%x%x ";
    printf("Use:> %s prog\n", str_in_input);
    return 0;
    }

    [output]
    Use:> %x prog
    Use:> %x%x%x%x%x%x%x%x%x%x%x%x%x prog
    Martin Ambuhl, Apr 14, 2004
    #3
  4. On Wed, 14 Apr 2004 08:57:21 +0100, Thomas stegen
    <> wrote:

    >RoSsIaCrIiLoIA wrote:
    >
    >> I'm reading a book on safety.
    >> Do you know that?
    >> printf("Use:> %s prog\n", argv[0] );
    >> or
    >> printf("Use:> %s prog\n", str_in_input);
    >> is danger.
    >> If str_in_input=" %x " this would print the return address of printf.

    >
    >It will print "Use:> %x prog\n"


    Yes but this print
    Inserisci una stringa> %x %hx %hx %hx %hx %hx %hx %hx %hx
    40b034 f000 7825 7868 7868 7868 7868 7868 7868
    Is it possible to exit from s?

    #include <stdio.h>

    int main(void)
    {char s[50] = {0};
    int d = 0;
    while( 1 )
    {
    printf("Inserisci una stringa> "); fflush(stdout);
    fgets(s, sizeof s, stdin);
    printf(s);
    if(*s=='1') break;
    }
    return 0;
    }
    RoSsIaCrIiLoIA, Apr 14, 2004
    #4
  5. RoSsIaCrIiLoIA wrote:

    > On Wed, 14 Apr 2004 08:57:21 +0100, Thomas stegen
    >>It will print "Use:> %x prog\n"

    >
    >
    > Yes but this print


    Of course it does.

    > Inserisci una stringa> %x %hx %hx %hx %hx %hx %hx %hx %hx
    > 40b034 f000 7825 7868 7868 7868 7868 7868 7868
    > Is it possible to exit from s?


    s is a string, there is no entrance or exit...

    > printf("Inserisci una stringa> "); fflush(stdout);
    > fgets(s, sizeof s, stdin);
    > printf(s);


    I trust you see the difference between the above
    and printf("%s", s) ?

    Or just use puts.

    --
    Thomas.
    Thomas stegen, Apr 14, 2004
    #5
  6. RoSsIaCrIiLoIA a écrit :
    > On Wed, 14 Apr 2004 08:57:21 +0100, Thomas stegen
    > <> wrote:
    >
    >
    >>RoSsIaCrIiLoIA wrote:
    >>
    >>
    >>>I'm reading a book on safety.
    >>>Do you know that?
    >>>printf("Use:> %s prog\n", argv[0] );
    >>>or
    >>>printf("Use:> %s prog\n", str_in_input);
    >>>is danger.
    >>>If str_in_input=" %x " this would print the return address of printf.

    >>
    >>It will print "Use:> %x prog\n"

    >
    >
    > Yes but this print
    > Inserisci una stringa> %x %hx %hx %hx %hx %hx %hx %hx %hx
    > 40b034 f000 7825 7868 7868 7868 7868 7868 7868
    > Is it possible to exit from s?
    >
    > #include <stdio.h>
    >
    > int main(void)
    > {char s[50] = {0};
    > int d = 0;
    > while( 1 )
    > {
    > printf("Inserisci una stringa> "); fflush(stdout);
    > fgets(s, sizeof s, stdin);
    > printf(s);
    > if(*s=='1') break;
    > }
    > return 0;
    > }
    >


    Indeed printf(s); may be unsafe if s can be entered by a malevolent
    person. However printf("%s", s); or the similar versions in your first
    message are not.

    --
    Richard
    Richard Delorme, Apr 14, 2004
    #6
  7. RoSsIaCrIiLoIA

    Dan Pop Guest

    Re: safety and C

    In <c5j1if$26kdc$-berlin.de> Thomas stegen <> writes:

    >RoSsIaCrIiLoIA wrote:
    >
    >> On Wed, 14 Apr 2004 08:57:21 +0100, Thomas stegen
    >>>It will print "Use:> %x prog\n"

    >>
    >>
    >> Yes but this print

    >
    >Of course it does.
    >
    >> Inserisci una stringa> %x %hx %hx %hx %hx %hx %hx %hx %hx
    >> 40b034 f000 7825 7868 7868 7868 7868 7868 7868
    >> Is it possible to exit from s?

    >
    >s is a string, there is no entrance or exit...
    >
    >> printf("Inserisci una stringa> "); fflush(stdout);
    >> fgets(s, sizeof s, stdin);
    >> printf(s);

    >
    >I trust you see the difference between the above
    >and printf("%s", s) ?


    If he did, he wouldn't have posted the original bullshit in the first
    place...

    Dan
    --
    Dan Pop
    DESY Zeuthen, RZ group
    Email:
    Dan Pop, Apr 14, 2004
    #7
  8. RoSsIaCrIiLoIA <> writes:
    > I'm reading a book on safety.
    > Do you know that?
    > printf("Use:> %s prog\n", argv[0] );
    > or
    > printf("Use:> %s prog\n", str_in_input);
    > is danger.
    > If str_in_input=" %x " this would print the return address of printf.
    > If str_in_input=" %x%x%x%x%x%x%x%x%x%x%x%x%x " it could see the stack.
    > and what If in the stack there is a pointer to a string password?


    Either your book is incorrect, or you've misunderstood it. There is
    an issue here, but your examples don't demonstrate it.

    Here's a simple program that prints its first command-line argument,
    if any, followed by a newline:

    #include <stdio.h>
    int main(int argc, char **argv)
    {
    if (argc >= 2) {
    printf("%s", argv[1]);
    }
    else {
    printf("(no arguments)");
    }
    printf("\n");
    return 0;
    }

    This is perfectly safe (at least for our current purposes).

    Here's another version of the same program:

    #include <stdio.h>
    int main(int argc, char **argv)
    {
    if (argc >= 2) {
    printf(argv[1]); /* DANGER!! */
    }
    else {
    printf("(no arguments)");
    }
    printf("\n");
    return 0;
    }

    On the line marked "DANGER!!", it uses an unchecked string as the
    format argument to printf(). If I run this program with an argument
    like "foobar" or "42", it will work exactly the same way as the first
    version. If the argument happens to contain a printf format, though,
    like "%s", it invokes undefined, because it tells printf() to look for
    a second argument that wasn't actually passed to it.

    The canonical first program contains the line
    printf("hello, world\n");
    It could instead be written as
    printf("%s\n", "hello, world");
    or
    printf("%s", "hello, world\n");
    but it really doesn't make any difference; since the format string is
    a literal, we can tell by inspection that it doesn't contain any
    conversion specifiers. If the string comes from an outside source,
    such as the command line or standard input, we can't make that
    assumption, so we need to use "%s" to guarantee that any specifiers
    that happen to be in the string are just printed, not interpreted.

    --
    Keith Thompson (The_Other_Keith) <http://www.ghoti.net/~kst>
    San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
    Schroedinger does Shakespeare: "To be *and* not to be"
    Keith Thompson, Apr 14, 2004
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?RGlmZmlkZW50?=

    Thread-safety and Singleton methods

    =?Utf-8?B?RGlmZmlkZW50?=, Jan 13, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    504
    Karl Seguin
    Jan 13, 2005
  2. =?Utf-8?B?U2ltbw==?=

    ASP.net and thread safety

    =?Utf-8?B?U2ltbw==?=, Jan 13, 2006, in forum: ASP .Net
    Replies:
    4
    Views:
    616
    =?Utf-8?B?U0VC?=
    Jan 13, 2006
  3. =?Utf-8?B?V2ViTWF0cml4?=

    Static Functions and Thread Safety. How does it work?

    =?Utf-8?B?V2ViTWF0cml4?=, Mar 24, 2006, in forum: ASP .Net
    Replies:
    6
    Views:
    16,182
  4. campus
    Replies:
    2
    Views:
    3,273
    campus
    Aug 27, 2004
  5. Larry Barowski
    Replies:
    12
    Views:
    2,621
    Larry Barowski
    Aug 30, 2004
Loading...

Share This Page