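/**
 * @Comment: WSU - Fall 06 - CS 3830-0
 * @Title:   prj2a.c - Project 2a
 * @Author:  Vincenzo Maggio
 *
 * Console teaching program. Each menu entry runs one unbounded C string
 * routine (gets, strcpy, strcat, sprintf, scanf "%s") against a deliberately
 * undersized static buffer and hex-dumps the bytes before and after the call.
 *
 * The overflows are the subject of the demonstration and are kept as written.
 * Each one is marked "DELIBERATE OVERFLOW" together with the bounded call that
 * code outside a demonstration would use instead. What lands in the bytes
 * past each buffer depends on how the toolchain lays out static objects, so
 * the dumps are illustrative rather than guaranteed.
 */

/*
 * The listing carried six #include lines whose header names are missing.
 * The five headers below declare every function this file calls; the sixth
 * cannot be recovered from the listing.
 */
#include <conio.h>  /* kbhit, getch, getche; gotoxy presumably from a Borland-style conio */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

/* Session start/end stamps, used only for the "connected for N seconds" line. */
static struct myTime {
    clock_t timeEnter;
    clock_t timeExit;
} userTime;

void InitScreen     ( void);
void Menu           ( void);
void Rulers         ( void);
void UpdateTime     ( void);
void Wait4userinput ( void);
/**/
void Mygets    ( void);
void Mystrcpy  ( void);
void Mystrcat  ( void);
void Mysprintf ( void);
void Myscanf   ( void);

/*
 * Prints `label` at column 2 of `row`, then `count` bytes starting at `bytes`
 * as hex. Each byte is converted through unsigned char so values >= 0x80 print
 * as two digits instead of a sign-extended "ffffffxx".
 * Callers intentionally pass a `count` larger than the array behind `bytes`
 * to display whatever follows it in memory.
 */
static void DumpRow(int row, const char *label, const char *bytes, int count)
{
    int i;

    gotoxy(2, row);
    printf("%s", label);
    for (i = 0; i < count; i++)
        printf("%2x ", (unsigned)(unsigned char)bytes[i]);
}

/* Redraws the current date/time in the top-left corner of the screen. */
void UpdateTime(void)
{
    struct tm *pMyTime;
    time_t aclock;

    time(&aclock);
    pMyTime = localtime(&aclock);
    if (pMyTime == NULL)
        return;     /* asctime(NULL) is undefined; skip the redraw instead */

    gotoxy(1, 1);
    printf("%s", asctime(pMyTime));
}

/* Clears the console and switches it to black-on-white. */
void InitScreen(void)
{
    system("cls");
    system("color f0");
}

/* Draws the banner and the list of demonstrations. */
void Menu(void)
{
    system("cls");
    gotoxy(27, 2);
    puts("--==]~~~ \01 0xYg3N \01 ~~~[==--");
    puts("\n A. Program 1");
    puts(" 1. gets() 2. strcpy()");
    puts(" 3. strcat() 4. sprintf()");
    puts(" 5. scanf() 0. Exit");
    printf("\n\n Enter your choice: ");
}

/* Spins until a key is waiting, refreshing the clock on every pass. */
void Wait4userinput(void)
{
    while (!kbhit())
        UpdateTime();
}

/*
 * Column header for the hex dumps.
 * NOTE(review): DumpRow emits three columns per byte ("%2x "); the ruler as
 * listed has two per digit, so its spacing may have been collapsed when the
 * listing was extracted - confirm against the original file.
 */
void Rulers(void)
{
    gotoxy(13, 16);
    printf("0 1 2 3 4 5 6 7 8 9 A B C D E F\n");
}

/*
 * Demo 1: gets() into an 8-byte buffer.
 * gets() has no length parameter at all, so any line longer than 7 characters
 * writes past the array; it was removed from the language in C11.
 * Bounded form: fgets(string, sizeof string, stdin).
 */
void Mygets(void)
{
    static char string[8];
    static char saveMe[17];
    int i;

    /* Snapshot 16 bytes from string[]: reads past the 8-byte array on purpose. */
    for (i = 0; i < 16; i++)
        saveMe[i] = *(string + i);

    gotoxy(2, 12);
    printf("To show a buffer overflow with gets(), a user password is simulated. \n"
           "Buffer is char[8], please enter a password (8 < len < 17) chars long: ");
    gotoxy(2, 14);
    printf("Password: ");
    Wait4userinput();
    gotoxy(12, 14);
    gets(string);                       /* DELIBERATE OVERFLOW: unbounded read */

    Rulers();
    DumpRow(18, "Before: ", saveMe, 16);
    DumpRow(19, "After : ", string, 16);
    gotoxy(33, 20);
    printf("%c\n", 24);
    printf(" String should stop here __| ..but goes further");
    printf("\n\n Hit \"any\" key to continue...");
    Wait4userinput();
    getch();
}

/*
 * Demo 2: strcpy() from a 17-byte input buffer into a 9-byte destination.
 * The read itself is bounded (fgets stores at most 15 characters); the copy is
 * not, because strcpy() stops only at the source's terminator.
 * Bounded form: snprintf(dest, sizeof dest, "%s", userInput), then check the
 * return value for truncation.
 */
void Mystrcpy(void)
{
    static char userInput[17];
    static char dest[9];
    static char saveMe[17];
    int i;

    memset(dest, '\0', sizeof dest);
    /* Snapshot 17 bytes from dest[]: reads past the 9-byte array on purpose. */
    for (i = 0; i < 17; i++)
        saveMe[i] = *(dest + i);
    saveMe[16] = '\0';

    gotoxy(2, 12);
    printf("To show a buffer overflow with strcpy(), a user password is simulated. Passowrd is char[8], enter a string 8 < len < 17 chars long: ");
    gotoxy(2, 14);
    printf("Password: ");
    Wait4userinput();
    gotoxy(12, 14);
    fgets(userInput, 16, stdin);
    strcpy(dest, userInput);            /* DELIBERATE OVERFLOW: no destination size */

    Rulers();
    DumpRow(18, "Before: ", saveMe, 16);
    DumpRow(19, "After : ", dest, 16);
    gotoxy(33, 20);
    printf("%c\n", 24);
    printf(" String should stop here __| ..but goes further");
    printf("\n\n Hit \"any\" key to continue...");
    Wait4userinput();
    getch();
}

/*
 * Demo 3: strcat() appending user input to "Marcello " in a 17-byte buffer.
 * Nine bytes are already used, so eight characters of input fill the array
 * and anything longer is written past it.
 * Bounded form: compute the space left (sizeof dest - strlen(dest) - 1) and
 * refuse or truncate input that does not fit, e.g. by building the result
 * with snprintf(dest, sizeof dest, ...).
 */
void Mystrcat(void)
{
    static char userInput[17];
    static char saveMe[17];
    static char dest[17];
    int i;

    memset(userInput, '\0', sizeof userInput);
    memset(saveMe, '\0', sizeof saveMe);
    /* Clear all 17 bytes: the buffers are static, so a 15-byte clear left the
     * tail of a previous run's overflow visible in the "Before" row. */
    memset(dest, '\0', sizeof dest);
    strcat(dest, "Marcello");
    strcat(dest, " ");
    for (i = 0; i < 17; i++)
        saveMe[i] = *(dest + i);

    gotoxy(2, 12);
    printf("Buffer overflow with strcat(). First/Last name situation is simulated. \n"
           "1st name is: Marcello, input last name at least 9 chars long: ");
    gotoxy(2, 14);
    printf("Last Name: ");
    Wait4userinput();
    gotoxy(13, 14);
    fgets(userInput, 16, stdin);
    strcat(dest, userInput);            /* DELIBERATE OVERFLOW: no destination size */

    Rulers();
    DumpRow(18, "Before: ", saveMe, 16);
    /* 18 bytes from a 17-byte array: the last one is past the end on purpose. */
    DumpRow(19, "After : ", dest, 18);
    gotoxy(58, 20);
    printf("%c\n", 24);
    gotoxy(32, 21);
    printf("String should stop here __| ..but goes further");
    printf("\n Hit \"any\" key to continue...");
    Wait4userinput();
    getch();
}

/*
 * Demo 4: sprintf() of a 16-character constant into a 12-byte buffer.
 * Seventeen bytes are written (16 characters plus the terminator), five of
 * them past the array. The closing message assumes saveMe[] is placed directly
 * after lastName[], which is a property of the toolchain, not of the language.
 * Bounded form: snprintf(lastName, sizeof lastName, "%s", ...).
 */
void Mysprintf(void)
{
    static char lastName[12];
    static char saveMe[17];
    int i;

    memset(lastName, '\0', sizeof lastName);
    memset(saveMe, '\0', sizeof saveMe);
    /* Snapshot 17 bytes from lastName[]: reads past the 12-byte array on purpose. */
    for (i = 0; i < 17; i++)
        saveMe[i] = *(lastName + i);

    gotoxy(2, 12);
    printf("Buffer overflow with sprintf(). Last name buffer is 12 chars long, here we try\nto stuff in it \"Pareto-Kuffstein\" that is 16 chars long.");
    sprintf(lastName, "Pareto-Kuffstein");  /* DELIBERATE OVERFLOW: 17 bytes into 12 */

    Rulers();
    DumpRow(18, "Before: ", saveMe, 16);
    DumpRow(19, "After : ", lastName, 12);
    gotoxy(46, 20);
    printf("%c\n", 24);
    gotoxy(20, 21);
    printf("String should stop here __| ..but goes further. The string\nBefore, which was made of 16 zeroes, now contains \"tein\"");
    printf("\n Hit \"any\" key to continue...");
    Wait4userinput();
    getch();
}

/*
 * Demo 5: scanf("%s") into a 12-byte buffer.
 * A bare %s conversion stores every non-blank character it reads; nothing
 * ties it to the size of the destination.
 * Bounded form: give the conversion a field width one less than the array
 * size, scanf("%11s", dest), or read the line with fgets().
 */
void Myscanf(void)
{
    static char dest[12];
    static char saveMe[17];
    int i;

    memset(dest, '\0', sizeof dest);
    memset(saveMe, '\0', sizeof saveMe);
    /* Snapshot 17 bytes from dest[]: reads past the 12-byte array on purpose. */
    for (i = 0; i < 17; i++)
        saveMe[i] = *(dest + i);

    gotoxy(2, 12);
    printf("Buffer overflow with scanf(). \n"
           "Insert a string (12 < len < 17) chars long");
    gotoxy(2, 14);
    printf("str input: ");
    Wait4userinput();
    gotoxy(13, 14);
    scanf("%s", dest);                  /* DELIBERATE OVERFLOW: no field width */

    Rulers();
    DumpRow(18, "Before: ", saveMe, 16);
    DumpRow(19, "After : ", dest, 16);
    gotoxy(46, 20);
    printf("%c\n", 24);
    gotoxy(20, 21);
    printf("String should stop here __| ..but goes further. The string\nBefore, which was made of 16 zeroes, is now overflown");
    printf("\n Hit \"any\" key to continue...");
    Wait4userinput();
    getch();
}

/* ---------------------------------- */

/*
 * Menu loop: draw the menu, wait for a key, run the chosen demonstration,
 * repeat until '0'. On exit the console colours are restored and the session
 * length is printed.
 */
int main(void)
{
    char userChoice;
    int running = 1;

    userTime.timeEnter = clock();
    InitScreen();

    while (running) {
        Menu();
        /* trap */
        Wait4userinput();
        gotoxy(21, 10);
        userChoice = getche();

        switch (userChoice) {
        case '1': Mygets();    break;
        case '2': Mystrcpy();  break;
        case '3': Mystrcat();  break;
        case '4': Mysprintf(); break;
        case '5': Myscanf();   break;
        case '0': running = 0; break;
        default:
            gotoxy(2, 12);
            printf("Error: wrong value\n Make a new choice\n\n");
            system("pause");
            break;
        }
    }

    userTime.timeExit = clock();
    system("color 0f");
    system("cls");
    /* clock() ticks are CLOCKS_PER_SEC per second; a literal 1000 is only
     * right on platforms where the two happen to coincide. */
    printf("\n You have been connected for %g seconds",
           ((userTime.timeExit - userTime.timeEnter) / (double)CLOCKS_PER_SEC));
    printf("\n Thanks for using Prj2a!\n\n");
    return 0;
}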