SHARE
TWEET

Untitled

a guest Sep 11th, 2019 156 in 19 days
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include <stdio.h>
  2. #include <stdlib.h>
  3. #include <wchar.h>
  4. #define PASSWORD "ABCD1234!"
  5. /*You need not worry about other include statements if at all any are missing */
  6.  
  7. void func1()
  8. {
  9.     char * data;
  10.     char * dataBuffer = (char *)ALLOCA(100*sizeof(char)); //Risk of NPE or wrong syntax ALLOCA -> alloca
  11.     memset(dataBuffer, 'A', 100-1);
  12.     dataBuffer[100-1] = '\0';
  13.     data = dataBuffer - 8;
  14.     {
  15.         char source[100];
  16.         memset(source, 'C', 100-1);
  17.         source[100-1] = '\0';
  18.         strcpy(data, source);
  19.         if(data != NULL)
  20.         {
  21.             printf("%s\n", data);
  22.         }
  23.     }
  24. }
  25.  
  26. void func2()
  27. {
  28.     char * data;
  29.     data = NULL;
  30.     data = (char *)calloc(100, sizeof(char));
  31.     strcpy(data, "A String");
  32.     if(data != NULL)
  33.     {
  34.         printf("%s\n", data); //Memory leak possible (strcpy() -> free() not used)
  35.     }
  36. }
  37.  
  38. void func3()
  39. {
  40.     char * password;
  41.     char passwordBuffer[100] = "";
  42.     password = passwordBuffer;
  43.     strcpy(password, PASSWORD);
  44.     {
  45.         HANDLE pHandle;
  46.         char * username = "User";
  47.         char * domain = "Domain";
  48.         /* Let's say LogonUserA is a custon authentication function*/
  49.         if (LogonUserA(
  50.                     username,
  51.                     domain,
  52.                     password,
  53.                     &pHandle) != 0)
  54.         {
  55.             printf("User logged in successfully.\n");
  56.             CloseHandle(pHandle);
  57.         }
  58.         else
  59.         {
  60.             printf("Unable to login.\n");
  61.         }
  62.     }
  63. }
  64.  
  65. static void func4()
  66. {
  67.     char * data;
  68.     data = NULL;
  69.     data = (char *)calloc(20, sizeof(char));
  70.     if (data != NULL)
  71.     {
  72.         strcpy(data, "Initialize");
  73.         if(data != NULL)
  74.         {
  75.             printf("%s\n", data);
  76.         }
  77.         free(data);
  78.     }
  79. }
  80.  
  81. void func5()
  82. {
  83.     int i = 0;
  84.     do
  85.     {
  86.         printf("%d\n", i);
  87.         i = (i + 1) % 256;
  88.     } while(i >= 0); // Infinite loop: (i + 1) % 256 >= 0 always true
  89. }
  90.  
  91. void func6()
  92. {
  93.     char dataBuffer[100] = "";
  94.     char * data = dataBuffer;
  95.     printf("Please enter a string: ");
  96.     if (fgets(data, 100, stdin) < 0)
  97.     {
  98.         printf("fgets failed!\n");
  99.         exit(1);
  100.     }
  101.     if(data != NULL)
  102.     {
  103.         printf("%s\n", data);
  104.     }
  105.  
  106. }
  107.  
  108. void func7()
  109. {
  110.     char * data;
  111.     data = "Fortify";
  112.     data = NULL;
  113.     printf("%s\n", data); //Null pointer dereference (112: data = NULL)
  114. }
  115.  
  116. int main(int argc, char * argv[])
  117. {
  118.     printf("Calling func1\n");
  119.     func1();
  120.  
  121.     printf("Calling func2\n");
  122.     func2();
  123.  
  124.     printf("Calling func3\n");
  125.     func3();
  126.  
  127.     printf("Calling func4\n");
  128.     func4();
  129.  
  130.     printf("Calling func5\n");
  131.     func5();
  132.  
  133.     printf("Calling func6\n");
  134.     func6();
  135.  
  136.     printf("Calling func7\n");
  137.     func7();
  138.  
  139.     return 0;
  140. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top