Evan Martin (evan) wrote in evan_tech,
Evan Martin
evan
evan_tech
(feh, messed this up once.
and somehow i don't actually own this community? so i made it friends-only and now i can't get the post back?)

Spot the security hole (from conjecture):
struct header {
    int cmd, id, len;
};

[...]

struct header hdr;
char buf[1024], ubuf[1024];
if(read(sock, &hdr, sizeof(hdr)) != sizeof(hdr))
    exit(-1);
if(hdr.len < sizeof(hdr) || hdr.len > 1024)
    exit(-1);
read(sock, buf, hdr.len);
buf[1023] = 0;
snprintf(ubuf, sizeof(ubuf), "command was %s", buf);
Subscribe
  • Post a new comment

    Error

    switch
    default userpic
    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
    Help
  • 17 comments