[ale] C question

Tue May 27 16:22:59 EDT 2014

Oh, and usual disclaimers apply, no code has been tested to ensure it is
safe for consumption by man or silicon (or carbon nanotubes, gallium
nitride, gallium arsenide, polymer or anything else we can dream up). :)

On 2014-05-27 13:11, Alex Carver wrote:
> Well, to start with the most simple change, after your #includes I would
> add:
> 
> #define CMDBUFF 512
> 
> and then your declaration of Command[] becomes
> 
> char Command[CMDBUFF];
> 
> the sprintf() then changes to:
> 
> snprintf(Command, CMDBUFF-1, "ssh user2 at server...blahblahblah %s", argv[1]);
> 
> That prevents a possible overflow of Command[] which could lead to all
> sorts of nasties.
> 
> 
> The other things I would do which involves more code would be to test
> the length of argv[1] (strlen() should do), determine if it's five or
> less characters from that, cut out the first five (or less) characters
> and copy them to a new buffer, run the comparison using the already
> provided is_5char_alnum() function and then snprintf() that trimmed
> buffer into Command[].
> 
> So I might do something like:
> 
> #define TRIMARGV 6 /* this is in the declarations at top of file */
> 
> char trimmed_argv[TRIMARGV];
> char * CommandPtr;
> CommandPtr = Command; /* note the new declarations to eliminate the
> (char *) casting in system() */
> 
> snprintf(trimmed_argv, TRIMARGV-1, "%s", argv[1]); /* copies no more
> than TRIMARGV-1 bytes to trimmed_argv[], stops early if argv[1] is null
> terminated within the length TRIMARGV-1 */
> 
> /* an alternative could be memcpy(trimmed_argv, argv[1], LENGTH); where
> LENGTH is a computed number based on strlen(argv[1]) and the value of
> TRIMARGV-1 others may wish to chime in here */
> 
> if ( is_5char_alnum(trimmed_argv) )
> {
> 	snprintf(Command, CMDBUFF-1, "ssh lorem ipsum...%s", trimmed_argv);
> 	system(CommandPtr);
> }
> else
> {
> 	fprintf(stderr, "Nope, sorry\n"); /* print to the standard error output
> instead of standard output */
> }
> 
> On 2014-05-27 12:39, Robert L. Harris wrote:
>> How to call it, the example you gave is what I was looking for, and I'll
>> put that in.
>>
>> If you have an example which is simple ( so I don't have to figure out what
>> are the relevant parts ) I would like to learn some of this.  The only
>> thing is this is the first C program I've written in over 20 years and very
>> likely the last for the next 20, I just don't have reason to do it.
>>
>> Robert
>>
>>
>>
>> On Tue, May 27, 2014 at 1:29 PM, Alex Carver <agcarver+ale at acarver.net>wrote:
>>
>>> It's already written as a function definition, you just have to put it
>>> in the file and then call it in your program before the system() call:
>>>
>>> int main(int argc, char **argv)
>>> {
>>>    setuid( 662705787 );
>>>
>>>    char Command[512];
>>>    if ( is_5char_alnum(argv[1]) == 1 )
>>>    {
>>>         sprintf(Command, "ssh user2 at Server2 -C '/home/user2/bin/Test.sh
>>> %s'", argv[1]);
>>>       system((char *)Command);
>>>    }
>>>    else
>>>    {
>>>      printf("Bad input\n");
>>>    }
>>>    return 0;
>>> }
>>>
>>>
>>> Though you really should adjust things to use snprintf() and reparse
>>> argv[] into another variable first to sanitize it before feeding it into
>>> a command.
>>>
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
> 
> 