-2
void updateConfigParams( void ) {
    char buffer [512];
    int i = 0;

while (( c = readFromWireless ()) != NULL) 
{
    buffer [ i ] = c;
    i += 1; 
} 
writeConfigParams ( buffer );
}

I'm only getting to grips with buffer overflow so please could somebody show me how the following code needs to be changed to prevent a buffer overflow and also explain how the new code stops the writing past the end of the buffer.

Retired Ninja
  • 4,785
  • 3
  • 25
  • 35
HHEX
  • 13
  • 1
  • 1
  • 6
  • 2
    Do you understand buffer overflow? If yes then its fairly trivial. – bashrc Dec 08 '16 at 03:55
  • @bashrc That's the issue i'm struggling to understand it. – HHEX Dec 08 '16 at 03:57
  • 1
    Wouldn't you just make sure it doesn't go over your 512 size?? – Omid CompSCI Dec 08 '16 at 03:59
  • 1
    What happens when i > 512? There's nothing that prevents you running right off the end of the buffer. – Retired Ninja Dec 08 '16 at 03:59
  • @RetiredNinja I understand that the buffer size is 512 bytes but i don't know what code needs to be added/changed to prevent it going over 512. – HHEX Dec 08 '16 at 04:02
  • 2
    If you don't understand that then you don't understand the most basic elements of the C language. If you're going to program in C, you might want to learn some first instead of asking people on the internet to solve trivial problems for you. – Carey Gregory Dec 08 '16 at 05:01

5 Answers5

2

You need to add buffer size check at start of while loop if(i == sizeof(buffer)) break;

and add \0 at the end of buffer if writeConfigParams expects a string

Pras
  • 4,047
  • 10
  • 20
0

You Could add the following if Statement to check the Buffer Overflow condition. after incrementing the variable i 

i+=1;
if(i > 512)
    break;

Once the i reaches the buffer limit you will exit the loop.

hariudkmr
  • 191
  • 1
  • 12
0

Buffer overflow is when you try to write beyond the memory address allocated for the buffer.

In your case you have allocated 512 bytes, so your code should make sure that you never de-reference beyond buffer + 511. In other words

buffer [i] // i should never exceed 511

Your code should have if checks to stop taking input once your index counter reaches equal to the size of buffer.

bashrc
  • 4,725
  • 1
  • 22
  • 49
  • The OP's question was how to do that so you didn't answer the question. – Carey Gregory Dec 08 '16 at 05:09
  • @CareyGregory "Your code should have if checks to stop taking input once your index counter reaches equal to the size of buffer." Also see the OP's reply on my comment. >>Do you understand buffer overflow? >>@bashrc That's the issue i'm struggling to understand it. – bashrc Dec 08 '16 at 05:42
-1
void updateConfigParams( void ) {
    char buffer [512];
    int i = 0;

    while (i < 512 && ( c = readFromWireless ()) != NULL) {
        buffer [ i++ ] = c;
    } 
    writeConfigParams ( buffer );
}
prashant mavadiya
  • 176
  • 1
  • 2
  • 9
-1

I would do something along the following lines:

bool
updateConfigParams( void ) {
  char buffer[512] = {};
  int i = 0;

  while( (c = readFromWireless()) != NULL ) {
    if( i == sizeof(buffer) - 1 ) {
      warn("readFromWireless exceeded %zu byte limit", sizeof(buffer));
      return false;
    } 
    buffer[i++] = c;
  }
  writeConfigParams( buffer );
  return true;
}

Depending on the state of your program, it might be more appropriate simply to call err(3). Important points are:

  • When writing to an array, always ensure you're in bounds.
  • When collecting input into an array, always be prepared for input that exceeds the array's size. What to do with input you can't accept is application-dependent.
  • When internal storage is exceeded by an action the programmer can't prevent at compile time -- such as a wireless device sending "too much" data -- inform the user and the program. Above, the program emits a message, and the function returns an error status.
  • Partial input is usually suspect and should not be accepted.

Edit: pursuant to a comment, I added initialization to buffer. Since writeConfigParams takes no length parameter, perhaps it accepts a NUL-terminated string.

James K. Lowden
  • 7,574
  • 1
  • 16
  • 31
  • 1
    How does `writeConfigParams ( )` know how much of `buffer` to write? – chux - Reinstate Monica Dec 08 '16 at 04:52
  • And what is `c`? You're just relying on it defaulting to `int`? – Carey Gregory Dec 08 '16 at 05:07
  • @CareyGregory, I don't know what `c` is. It certainly doesn't "default" to anything. I don't have a declaration for `writeConfigParams`, either, and so on. It's his code, and it doesn't compile. He didn't ask to make it compile; he asked how to deal with buffer overflows. That's the question I answered. If my answer is going to be downvoted, I'd sure like to know how it fails to answer the question asked. – James K. Lowden Dec 08 '16 at 05:14
  • `c` will default to `int` in K&R C, which is why I asked. I don't know who downvoted so don't assume commenters did. – Carey Gregory Dec 08 '16 at 05:19
  • Re downvote, thanks, acknowledged. Re K&R, not in this case. You might be thinking of implicit return types for functions. If a stray variable name shows up without being defined, that was an error, even on a PDP/8. :-) – James K. Lowden Dec 08 '16 at 05:36
  • Eh, you're right. For some reason I was thinking k&C defaulted variables to int. – Carey Gregory Dec 08 '16 at 15:12