Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*============================================================================
- ----------------------------------------------------------------------------
- stringComp.c - Another way to compare two strings (or even authenticate
- a password).
- (c) Damion 'Phr0z3n.Dev' Tapper, 2013.
- Email: Phr0z3n.Dev@Gmail.com
- ----------------------------------------------------------------------------
- ============================================================================*/
- #define USE_SEC_API /* Comment this line if you do not have the secure libraries. */
- #include <stdio.h> /* For the printf function. */
- #include <stdlib.h> /* For the calloc function. */
- #include <conio.h> /* For the getch function. */
- #include <ctype.h> /* For the isprint function. */
- /*=====================================--=====================================
- VARIABLE NAME DEFINITIONS
- ----------------------------------------------------------------------------*/
- #ifndef TRUE
- #define TRUE 1
- #define FALSE 0
- #endif
- #define LOOP TRUE
- #define BUFFER_LENGTH 25
- #define BUFFER_1 pscs->buffer1
- #define BUFFER_2 pscs->buffer2
- #define INPUT_CHARACTER pscs->inputChar
- #define CHARACTER_INPUT INPUT_CHARACTER = getch()
- #define POSITION pscs->position
- #define INCREMENT pscs->increment
- #define ACTION_OFFSET pscs->actionOffset
- #define NADA (int)NULL
- /* For some compilers NULL is defined as 0 and ((void *)0) for others. */
- #define BACKSPACE_IS_PRESSED INPUT_CHARACTER == 8
- #define ENTER_IS_NOT_PRESSED INPUT_CHARACTER != 13
- #define STRINGS_MATCH INCREMENT == POSITION
- #define RESET_POSITION POSITION = 0
- /*=====================================--=====================================
- TYPE DEFINITIONS
- ----------------------------------------------------------------------------*/
- typedef struct stringCompStruct SCS;
- typedef struct stringCompStruct* PSCS; /* Hungarian notation. */
- #ifndef BOOL
- typedef int BOOL;
- #endif
- struct stringCompStruct
- {
- /*
- * On some compilers, declaring these two variables at the top of the structure
- * could cause severe complications such as pointer conflicts and, eventual,
- * program crash (major traits of an overflow)...
- *
- * ...but being that they will be absolutely allocated (on the heap) (with calloc)... ;)
- */
- char *buffer1;
- char *buffer2;
- char inputChar;
- int position;
- int increment;
- BOOL actionOffset;
- };
- /*=====================================--=====================================
- FUNCTION PROTOTYPE DEFINITIONS
- ----------------------------------------------------------------------------*/
- static void stringEntry(PSCS); /* ...with limited scope (static).*/
- static void stringCopy(PSCS);
- static void stringComp(PSCS);
- static void clearBuffer1(PSCS);
- static void clearBuffer2(PSCS);
- static void freeAllocs(PSCS);
- /*=====================================--=====================================
- MAIN FUNCTION
- ----------------------------------------------------------------------------*/
- int main(void)
- {
- /*
- * "One pointer to rule 'em all...
- * ...one structure to bind 'em."
- */
- PSCS pscs;
- /* "One function to allocate 'em all..." */
- pscs = calloc(1, sizeof(SCS));
- /* "...and on the heap you'll find 'em." */
- BUFFER_1 = calloc(BUFFER_LENGTH, sizeof(char)); /* To be treated as array. */
- BUFFER_2 = calloc(BUFFER_LENGTH, sizeof(char));
- ACTION_OFFSET = FALSE; /* Just to make sure... though calloc has already done the job. */
- stringEntry(pscs);
- return 0;
- }
- /*=====================================--=====================================
- STRING ENTRY FUNCTION
- ----------------------------------------------------------------------------*/
- static void stringEntry(PSCS pscs)
- {
- if(ACTION_OFFSET == FALSE)
- {
- #ifdef USE_SEC_API
- printf_s("Enter first string:\n"); /* The secure printf function (good programming practice). */
- #else
- printf("Enter first string:\n"); /* If you are lacking the secure libraries. */
- #endif
- }
- else
- {
- clearBuffer1(pscs);
- #ifdef USE_SEC_API
- printf_s("\n\nEnter second string:\n");
- #else
- printf("\n\nEnter second string:\n");
- #endif
- }
- while(LOOP) /* <<< ...I always wanted to do this. */
- {
- RESET_POSITION;
- do
- {
- /*
- * An elite system analyst once stated that the implementation
- * of the NULL-terminated string is the single greatest 'mistake'
- * in the history of the C programming language.
- *
- * We have learned that this single fundamental flaw has led
- * to the devastating number of buffer overflow attacks, on
- * mission-critical systems, plaguing the cyberworld to this day...
- *
- * ...hence, the implementation of the secure libraries:
- * strncpy_s, strncat_s, strtok_s, etc.
- *
- * Now we have learned, in the aftermath of this implementation,
- * that such buffer overflow attacks have been reduced by as
- * much as an extraordinary 60 percent annually.
- *
- * All that was required in the beginning was the statement,
- * implementation and restriction of the size of the buffer
- * (in memory) being operated on.
- */
- if(isprint(CHARACTER_INPUT) && POSITION < BUFFER_LENGTH)
- {
- #ifdef USE_SEC_API
- printf_s("%c", INPUT_CHARACTER);
- #else
- printf("%c", INPUT_CHARACTER);
- #endif
- BUFFER_1[POSITION] = INPUT_CHARACTER;
- POSITION++;
- }
- if(BACKSPACE_IS_PRESSED && POSITION)
- {
- POSITION--;
- BUFFER_1[POSITION] = NADA;
- #ifdef USE_SEC_API
- printf_s("\b \b");
- #else
- printf_s("\b \b");
- #endif
- }
- }
- while(ENTER_IS_NOT_PRESSED);
- /*
- * If at least one character is entered.
- * A character is not a string in itself but...
- */
- if(POSITION != NADA)
- {
- if(ACTION_OFFSET == FALSE)
- {
- stringCopy(pscs);
- }
- else
- {
- stringComp(pscs);
- }
- }
- }
- }
- /*=====================================--=====================================
- STRING COPY FUNCTION
- ----------------------------------------------------------------------------*/
- static void stringCopy(PSCS pscs)
- {
- for(POSITION = 0; BUFFER_1[POSITION] != NADA; POSITION++)
- BUFFER_2[POSITION] = BUFFER_1[POSITION];
- /*
- * This triggers the 'stringComp' function call logic upon the next entry.
- */
- ACTION_OFFSET = TRUE;
- stringEntry(pscs);
- }
- /*=====================================--=====================================
- STRING COMPARE FUNCTION
- ----------------------------------------------------------------------------*/
- static void stringComp(PSCS pscs)
- {
- /*
- * This is the clever section.
- * | ABSOLUTELY NO BUFFER OVERFLOW ALLOWED!!! |
- */
- /* STEP 1: Get the length of the first string entered. */
- for(INCREMENT = 0; BUFFER_2[INCREMENT] != NADA; INCREMENT++)
- ;
- /* STEP 2: Get the length of the second string entered. */
- for(POSITION = 0; BUFFER_1[POSITION] != NADA; POSITION++)
- ;
- /* STEP 3a: If both strings are of the same length... DUH! */
- if(INCREMENT == POSITION)
- /*
- * STEP 3b: Now that the aforementioned is a fact...
- * ...run along the first string entered and increment each time.
- */
- for(INCREMENT = 0, POSITION = 0; BUFFER_2[INCREMENT] != NADA; INCREMENT++)
- /*
- * STEP 3c: For everytime a character in the frist string
- * entered matches a character in the second string entered...
- */
- if(BUFFER_1[POSITION] == BUFFER_2[POSITION])
- /* STEP 3d: ...'tally' the position. */
- POSITION++;
- /*
- * STEP 4: If in the end all the characters in the frist string entered
- * match all the characters in the second string entered...
- *
- * ...let's run a test...
- */
- if(STRINGS_MATCH) /* << I Always wanted to do this. */
- {
- /* The result is announced... */
- #ifdef USE_SEC_API
- printf_s("\n\nTHE STRINGS MATCH.\n");
- #else
- printf("\n\nTHE STRINGS MATCH.\n");
- #endif
- }
- else
- {
- #ifdef USE_SEC_API
- printf_s("\n\nTHE STRINGS DO NOT MATCH.\n");
- #else
- printf("\n\nTHE STRINGS DO NOT MATCH.\n");
- #endif
- }
- freeAllocs(pscs);
- exit(0);
- }
- /*=====================================--=====================================
- CLEAR BUFFER FUNCTIONS
- ----------------------------------------------------------------------------*/
- static void clearBuffer1(PSCS pscs)
- {
- for(POSITION = 0; POSITION <= BUFFER_LENGTH; POSITION++)
- /* Thanks to calloc. */
- BUFFER_1[POSITION] = '\0'; /* Instead of 0... just to make sure. */
- }
- static void clearBuffer2(PSCS pscs)
- {
- for(POSITION = 0; POSITION <= BUFFER_LENGTH; POSITION++)
- BUFFER_2[POSITION] = '\0';
- }
- /*=====================================--=====================================
- FREE ALLOCATIONS FUNCTION (Superior Programming Practice)
- ----------------------------------------------------------------------------*/
- static void freeAllocs(PSCS pscs)
- {
- /* This bit would not be possible with arrays per se. */
- free(BUFFER_2);
- free(BUFFER_1);
- free(pscs); /* Reverse order. Similar to 'stack unwinding' (in C++). */
- /*
- * What if the strings you compared were a password used in a
- * mission-critical authentication process? It would be foolish to have any
- * shard of it sitting in memory even after the program closes.
- *
- * Microsoft could take a leaf out of my book.
- */
- #ifdef USE_SEC_API
- printf_s("\n\n<<- Goodbye free world! ->>\n");
- #else
- printf("\n\n<<- Goodbye free world! ->>\n");
- #endif
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement