Homework 4 - deadline May 31th
Find all potential vulnerabilities in this C function:
int get_input(unsigned char *prompt)
{
unsigned char question[100];
unsigned char input[80];
char *addrbuf;
struct in_addr *addr;
int i, val, fd;
sprintf(question, "%s> ", prompt);
printf(question);
gets(input);
if (strlen(input) > 79) {
printf("Input is too long!\n");
return 0;
}
val = atoi(input);
if (val > 0) {
if (access ("/tmp/mydata", O_RDWR)) {
fd = open("/tmp/mydata", O_RDWR);
addrbuf = malloc(val*sizeof(addr));
for (i = 0; i < val; i++) {
if (read(0, addrbuf, sizeof(*addr)) < 0)
return 0;
write(fd, addrbuf, sizeof(addrbuf));
}
close(fd);
} else {
printf("You do can not write to output file\n");
return 0;
}
}
return val;
}
Please submit the homework below (log in to courses.cs.ut.ee environment with your ut.ee account), plain text is sufficient but PDF is also OK:
4. Homework 4Solutions for this task can no longer be submitted.