update
@@ -0,0 +1,13 @@
|
||||
CC=gcc
|
||||
CFLAGS= -z execstack -fno-stack-protector -g
|
||||
|
||||
all: is_valid_html product_register
|
||||
|
||||
is_valid_html: is_valid_html.c
|
||||
$(CC) -o is_valid_html is_valid_html.c $(CFLAGS)
|
||||
|
||||
product_register: product_register.c
|
||||
$(CC) -o product_register product_register.c $(CFLAGS)
|
||||
|
||||
clean:
|
||||
rm is_valid_html product_register
|
||||
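Review bot: `CFLAGS` disables two stack hardening measures (`-z execstack`, `-fno-stack-protector`) with no comment explaining why, so nothing warns a reader against copying these rules into a real build. The sources are labelled as a buffer overflow lab, so this looks deliberate; a comment above `CFLAGS` should say so, e.g. `# Lab only: stack hardening is disabled on purpose; do not reuse these flags for production binaries.` Separately, `clean` fails when either binary is missing; `rm -f is_valid_html product_register` together with a `.PHONY: all clean` line would make it repeatable.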
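--- a/is_valid_html.c
+++ b/is_valid_html.c
@@ -0,0 +1,63 @@
+/*
+Hassan Khan <hassan.khan@uoguelph.ca>
+University of Guelph
+Buffer Overflow Lab
+
+Program that verifies that the argument is a valid html file
+
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+int verify_signature(char *buffer) {
+char VALID_SIGNATURE[24] = "<!DOCTYPE HTML PUBLIC";
+return strncmp(VALID_SIGNATURE, buffer, strlen(VALID_SIGNATURE));
+}
+
+int verify_extension(char* fname) {
+char extension[4];
+char* ptr_fname = fname;
+while (*ptr_fname) {
+if (*ptr_fname++ == '.') {
+strcpy(extension, ptr_fname);
+break;
+}
+}
+return strcmp("html", extension);
+}
+
+int main(int argc, char ** argv) {
+char buffer[256];
+FILE *file = NULL;
+int rv = 0;
+
+//verify the number of arguments
+if (argc < 2) {
+printf("Usage: %s <file-to-test>\n", argv[0]);
+return 0;
+}
+rv = verify_extension(argv[1]);
+if (rv != 0) {
+printf("Invalid html\n");
+return 0;
+}
+//read file
+if ((file = fopen(argv[1], "r")) == NULL) {
+printf("File read error\n");
+return 0;
+}
+fscanf(file,"%[^\n]", buffer);
+fclose(file);
+
+rv = verify_signature(buffer);
+if (rv != 0) {
+printf("Invalid html\n");
+return 0;
+}
+
+printf("Valid html\n");
+return 1;
+
+}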
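Review bot: In `verify_extension`, `char extension[4]` cannot hold even the accepted value: `strcpy` writes `html` plus its terminator, five bytes, and any longer suffix writes further past the array. When the name contains no `.`, `extension` is never written and `strcmp` reads it uninitialised. If the overflow is the intended lab exercise, a comment should say so; a corrected version needs no copy at all, e.g. `char *dot = strchr(fname, '.'); return dot ? strcmp("html", dot + 1) : 1;`. The same concern applies to `fscanf(file,"%[^\n]", buffer)` in `main`, which has no field width for the 256-byte `buffer` and an unchecked return value; `if (fscanf(file, "%255[^\n]", buffer) != 1)` bounds the read and catches an empty first line.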
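--- a/product_register.c
+++ b/product_register.c
@@ -0,0 +1,47 @@
+/*
+Hassan Khan <hassan.khan@uoguelph.ca>
+CIS*6540: Buffer Overflow Lab
+*/
+#include <stdio.h>
+#include <string.h>
+
+#define BUF_LEN 32
+
+int match_prod_key(char* key) {
+char usr_key[BUF_LEN];
+char rv = 0;
+char saved_key[BUF_LEN] = "123456"; //TODO: store in a secure DB
+int cmp = 0;
+strcpy(usr_key, key);
+char* ptr_usr_key = usr_key;
+char* ptr_saved_key = saved_key;
+
+for (; *ptr_usr_key || *ptr_saved_key;)
+cmp += (*ptr_usr_key++) - (*ptr_saved_key++);
+
+if (cmp == 0)
+return !rv;
+else
+return rv;
+}
+
+int main(int argc, char **argv) {
+char rv = 0;
+char local_buf[BUF_LEN];
+
+if (argc != 2) {
+printf("Usage: %s <product-key>\n", argv[0]);
+return 0;
+}
+//Prevent nefarious buffer overflow by limiting to prod key and a null term
+strncpy(local_buf, argv[1], BUF_LEN + 1);
+rv = match_prod_key(local_buf);
+
+if (rv == 1)
+printf("Product Key Accepted!!!\n");
+else
+printf("Invalid Product Key\n");
+
+return rv;
+}
+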
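Review bot: The `strncpy(local_buf, argv[1], BUF_LEN + 1)` call in `main` contradicts the comment above it: `strncpy` always writes the full count, so it writes 33 bytes into the 32-byte `local_buf` on every call, and leaves no terminator inside the buffer when the argument is 32 characters or longer. `strcpy(usr_key, key)` in `match_prod_key` then copies that possibly unterminated string. A bounded version is `strncpy(local_buf, argv[1], BUF_LEN - 1); local_buf[BUF_LEN - 1] = '\0';`. The comparison loop is also not an equality test, because it sums byte differences and so reports a match whenever they cancel out; `return strcmp(usr_key, saved_key) == 0;` states the intent directly. If these flaws are the lab's exercise, a comment should mark them as intentional.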