and somehow i don't actually own this community? so i made it friends-only and now i can't get the post back?)
Spot the security hole (from
struct header { int cmd, id, len; }; [...] struct header hdr; char buf[1024], ubuf[1024]; if(read(sock, &hdr, sizeof(hdr)) != sizeof(hdr)) exit(-1); if(hdr.len < sizeof(hdr) || hdr.len > 1024) exit(-1); read(sock, buf, hdr.len); buf[1023] = 0; snprintf(ubuf, sizeof(ubuf), "command was %s", buf);