Example of how to overwrite argv in C

31. January 2012 08:00

 

A short code example to show how to overwrite the contents of argv. It is useful for when a password is passed on the command line and it should not be visible in the process list to other users on the same machine.

 

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(int argc, char **argv) {
	int i = 0;
	int len = 0;

	if (argc < 2) {
		printf("Usage: %s <some argument>\n", argv[0]);
		exit(EXIT_FAILURE);
	}

	len = strlen(argv[1]);
	for(i=0;i<len;i++) {
		argv[1][i] = 'x';
	}

	system("ps f");

	return 0;
}

 

E-mail Kick it! DZone it! del.icio.us Permalink


C - the string reverse

30. January 2012 08:00

A short example of doing an inplace string reverse in C

 

 

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

void swap(char *a, char *b) {
    char tmp = *a;
    *a = *b;
    *b = tmp;
}


int main(int argc, char **argv) {
    if (argc < 2) {
        printf("Usage: %s <string>\n", argv[0]);
        exit(EXIT_FAILURE);
    }

    char *tmp = strdup(argv[1]);
    int len = strlen(tmp);
    int i = 0;

    for(i=0;i<len/2;i++) {
        swap(&tmp[i], &tmp[len - i - 1]);
    }

    printf("%s\n", tmp);

    free(tmp);
    return EXIT_SUCCESS;
}
E-mail Kick it! DZone it! del.icio.us Permalink


Postgres - pg_relation_size is broken

28. January 2012 12:24

 

I started using postgres and inside my first week I amnaged to find an issue with pg_relation_size. The problem being is that SQL is mean to be non case sensitive. So I guess this is a bug since if you have an table name with an upper case character in it things seem to break, Badly.

 

to put this in context I create a table called "Attempts". It is for analyzing password attempts from a honeypot. I wrote a quick syslog parser and fired the output into sql so I could run some quries. So I have the following in postgres.

 

 

=# \d
                 List of relations
 Schema |          Name          |   Type   | Owner
--------+------------------------+----------+-------
 public | Attempts               | table    | root
 public | Attempts_AttemptID_seq | sequence | root
(2 rows)

 

So that is really simple. The following works without a problem. This will also work with a lower case "attempts"

 

 

=# select count(*) from "Attempts";
 count
-------
 24490
(1 row)

 

The following however does not.

 

 

select pg_relation_size('Attempts');

ERROR:  relation "attempts" does not exist
LINE 1: select pg_relation_size('Attempts');

 

Neither does

 

 

select pg_relation_size('attempts');
ERROR:  relation "attempts" does not exist
LINE 1: select pg_relation_size('attempts');

 

Or this.

 

 

select pg_relation_size("attempts");
ERROR:  column "attempts" does not exist
LINE 1: select pg_relation_size("attempts");


select pg_relation_size("Attempts");
ERROR:  column "Attempts" does not exist
LINE 1: select pg_relation_size("Attempts");

 

Or this.

 

select tablename from pg_tables where tablename = 'Attempts';
 tablename
-----------
 Attempts
(1 row)


select tablename,  pg_relation_size(tablename) from pg_tables where tablename = 'attempts';
ERROR:  function pg_relation_size(name) does not exist
LINE 1: select tablename,  pg_relation_size(tablename) from pg_table...
                           ^

 

 

This does ...

 

 

create table tmp (id int);

select pg_relation_size('tmp');
 pg_relation_size
------------------
                0
(1 row)

 

However this does work for both cases.

 

 

ALTER TABLE "Attempts" RENAME TO "attempts"


select pg_relation_size('Attempts');
 pg_relation_size
------------------
          2080768
(1 row)



select pg_relation_size('attempts');
 pg_relation_size
------------------
          2080768
(1 row)

 

 

So I guess that is broken then! This becomes a real pain now. Since I am using some orm software and the schema is defined by the classes in the code and not the other way around. I guess there is an extrac tolower somewhere.

E-mail Kick it! DZone it! del.icio.us Permalink


C Palindrome example

27. January 2012 17:36

 

The following example will check for a palindrom in C. You know one of thoose words spelt the same forwards as backwards. The smart part of this program is the edge case where you have an odd number of letters in the string. Well actually this can simply be ignored since there is no point in comparing the middle charecter to its self.

 

 

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int try(char *str) {
    int len = strlen(str);
    int i;
    for(i =0;i<len/2;i++)
        if (str[i] != str[len - 1 - i])
            return 0;
    return 1;
}

int main(int argc, char**argv) {
    char *s1 = "ffoof";
    char *s2 = "foof";
    char *s3 = "fooof";

    if (try(s1))
        printf("%s\n", s1);

    if (try(s2))
        printf("%s\n", s2);

    if (try(s3))
        printf("%s\n", s3);

    return 0;
}

 

E-mail Kick it! DZone it! del.icio.us Permalink


Home directory location

27. January 2012 08:00

 

On a old decstation 3100 I was deleting last semesters users to try to dig up some disk space, I also deleted some test users at the same time.

 

One user took longer then usual, so I hit control-c and tried ls. 

 

"ls: command not found"

 

Turns out that the test user had / as the home directory and the remove user script in ultrix just happily blew away the whole disk. ftp, telnet, rcp, rsh, etc were all gone. Had to go to tapes, and had one LONG rebuild of X11R5.

 

E-mail Kick it! DZone it! del.icio.us Permalink