Skip to content

Instantly share code, notes, and snippets.

@cxxr
Created December 2, 2022 20:13
Show Gist options
  • Save cxxr/ae96e9d04218fac4f10cac38f274e774 to your computer and use it in GitHub Desktop.
Save cxxr/ae96e9d04218fac4f10cac38f274e774 to your computer and use it in GitHub Desktop.
Here is some C code. Does this code have any vulnerabilities?
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define BUFFERSIZE 200
#define TRUE 1
#define FALSE 0
int copy_it( char * input )
{
char localbuf[ BUFFERSIZE ];
char c, *p = input, *d = &localbuf[0];
char *upperlimit = &localbuf[ BUFFERSIZE-10 ];
int quotation = FALSE;
int roundquote = FALSE;
memset( localbuf, 0, BUFFERSIZE );
while( (c = *p++) != '\0' ){
if(( c == '<' ) && (!quotation)){
quotation = TRUE;
upperlimit--;}
if(( c == '>' ) && (quotation)){
quotation = FALSE;
upperlimit++;}
if(( c == '(' ) && ( !quotation ) && !roundquote){
roundquote = TRUE;
/*upperlimit--;*/}
if(( c == ')' ) && ( !quotation ) && roundquote){
roundquote = FALSE;
upperlimit++;}
// If there is sufficient space in the buffer, write the character.
if( d < upperlimit )
*d++ = c;
}
if( roundquote )
*d++ = ')';
if( quotation )
*d++ = '>';
printf("%d: %s\n", (int)strlen(localbuf), localbuf);
}
int main( int argc, char **argv ){
if( argc > 1 )
copy_it( argv[1] );
else
printf("Please supply a command line argument.\n");
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment