@hacky02:~$ cat /Uebungen/Aufgabenblatt01/Aufgabe03/heap.c#include <stdio.h>

1. @hacky02:~$ cat /Uebungen/Aufgabenblatt01/Aufgabe03/heap.c
2. #include <stdio.h>
3. #include <stdlib.h>
4. #include <string.h>
5. #include <unistd.h>
6.  
7.  
8. #define SECRETFILE "/Uebungen/Aufgabenblatt01/Aufgabe03/secret"
9. #define PASSFILE "/Uebungen/Aufgabenblatt01/Aufgabe03/pass"
10. #define ROOT_USER 1337
11.  
12.  
13.  
14. void loadsecret(char *file, char *data, int len) {
15. FILE *fp;
16. fp = fopen(file, "r");
17. if (fp){
18. fgets(data, len, fp);
19. fclose(fp);
20. } else {
21. printf("Error opening %s\n", file);
22. exit(-1);
23. }
24. }
25.  
26. void usage(char *app) {
27. printf("Usage: %s username password\n\n", app);
28. exit(-1);
29. }
30.  
31.  
32. int main(int argc, char **argv) {
33.  
34. /* Allocating space on the heap for preventing overwrite of SEIP */
35. char *username = malloc(64);
36. char *password = malloc(64);
37. char *secret = malloc(128);
38.  
39. /* Checking for arguments */
40. if (argc < 3) usage(argv[0]);
41.  
42. /* Loading password from file */
43. loadsecret(PASSFILE, password, 20);
44. loadsecret(SECRETFILE, secret, 128);
45.  
46. /* Dropping privs, so nobody can get root */
47. /*setresuid(getuid(),getuid(),getuid());
48. setresgid(getgid(),getgid(),getgid());*/
49. setresuid(ROOT_USER,ROOT_USER,ROOT_USER);
50. setresgid(ROOT_USER,ROOT_USER,ROOT_USER);
51.  
52.  
53. strcpy(username, argv[1]);
54.  
55. if ( strncmp(password, argv[2],20) == 0 ) {
56. printf("Welcome %s!\n",username);
57. printf("The secret data for today is:\n%s\n",secret);
58. /* beeing paranoid and deleting the data from memory */
59. free(secret);
60. }
61. }