Guest User

/* ghosttest.c: GHOST vulnerability tester */

a guest
Jan 28th, 2015
171
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. /* ghosttest.c: GHOST vulnerability tester */
  2. /* Credit: http://www.openwall.com/lists/oss-security/2015/01/27/9 */
  3. #include <netdb.h>
  4. #include <stdio.h>
  5. #include <stdlib.h>
  6. #include <string.h>
  7. #include <errno.h>
  8.  
  9. #define CANARY "in_the_coal_mine"
  10.  
  11. struct {
  12. char buffer[1024];
  13. char canary[sizeof(CANARY)];
  14. } temp = { "buffer", CANARY };
  15.  
  16. int main(void) {
  17. struct hostent resbuf;
  18. struct hostent *result;
  19. int herrno;
  20. int retval;
  21.  
  22. /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
  23. size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
  24. char name[sizeof(temp.buffer)];
  25. memset(name, '0', len);
  26. name[len] = '\0';
  27.  
  28. retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);
  29.  
  30. if (strcmp(temp.canary, CANARY) != 0) {
  31. puts("vulnerable");
  32. exit(EXIT_SUCCESS);
  33. }
  34. if (retval == ERANGE) {
  35. puts("not vulnerable");
  36. exit(EXIT_SUCCESS);
  37. }
  38. puts("should not happen");
  39. exit(EXIT_FAILURE);
  40. }
RAW Paste Data