l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 20: Web Application Hacking: How to Make and Break Security on the Web
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2002 Feb 01 10:37

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox-tech] RE: vox-tech digest, Vol 1 #104 - 14 msgs
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox-tech] RE: vox-tech digest, Vol 1 #104 - 14 msgs





> -----Original Message-----
> Date: Thu, 31 Jan 2002 23:25:47 -0800 (PST)
> From: Jeff Newmiller <jdnewmil@dcn.davis.ca.us>
> To: vox-tech@lists.lugod.org
> Subject: Re: [vox-tech] [C newbie]C program is acting weird...
> Reply-To: vox-tech@lists.lugod.org
>
> On Thu, 31 Jan 2002, Ryan wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > for some reason this is spitting out 3 char responses once in a
> while, anyone
> > have any ideas? I don't know much C, this is just some code I modified.
> >
> > Also, if anyone knows how to get it to include numbers mixed in
> with the
> > letters i'd like to know how.
>
> Change the loop statement to a block of code that assigns a number from,
> say, 0 to 35, to string[i].  Then use an if statement or ?: operator to
> add either 'a' or ('0'-26) to that number depending whether it is less
> than 26 or not.
>
> > - ------
> >
> > #include <stdio.h>
> > #include <sys/types.h>
> > #include <unistd.h>
> > #include <signal.h>
> > #include <stdlib.h>
> > #include <time.h>
> > #include <string.h>
> >
> > #include "version.h"
> >
> > #define SESSION_TIMEOUT 20
> >
> > #define MAX_RESPONSE 200
> > #define MAX_REQUEST 100
> >
> > #define MIN_LEN 4
> > #define MAX_LEN 9
> >
> > char *randusername()
> > {
> >         char *string;
>
> You have not initialized space to put the characters that this string
> points to, so you are putting them in, ah, unpredictable locations in
> memory.  The behavior of the program after you write to string[0] is
> undefined. I would recommend "static char string[ MAX_LEN+1 ]".
>
> >         int i, length;
> >         // randomly choose a length betweem MIN_LEN and MAX_LEN
> >         length = MIN_LEN + random() / (RAND_MAX / (MAX_LEN + 2
> - MIN_LEN))-1;
>
> >         if (string = malloc(length + 2), string == NULL)
> >                 return NULL;

Why do you assume he doesn't know what he's doing with that char* string.
Did you look farther down to see the malloc()? If he changed the code as you
suggest, it would break instantly.

_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.