Signal handling help

Networking/Security Forums -> Programming and More

Author: zzddk PostPosted: Wed Apr 14, 2010 8:59 pm    Post subject: Signal handling help
    ----
hey can someone help me out. I'm trying to figure out the vulnerability of this program. My guess was to use the handle_signal method and change to value of cmdbuf so I will be able to run my own script. Any help is appreciated.

Code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>

char cmdbuf[128] = "echo interrupt signal caught, terminating ";
char *progname;

/*
 * Handle a ^C keyboard interrupt in case the program is running
 * too long and the user terminates.
 */
void handle_signal(int sig)
{
  int len = sizeof(cmdbuf) - (strlen(cmdbuf) + 1);
  if (strlen(progname) > len)
    progname[len] = '\0';
  strcat(cmdbuf, progname);

  system(cmdbuf);
  exit(1);
}

void usage()
{
  printf("%s <n> where 0 < n <= 5.000\n", progname);
  exit(1);
}

/*
 * The program takes one argument line parameter n (which has to be a
 * positive integer input parameter) and then prints out the first n
 * prime numbers.
 */
int main(int argc, char **argv)
{
  struct sigaction sa;
  int cnt, N, found;
  unsigned long candidate, divisor;

  gid_t egid = getegid();
  setregid(egid, egid);

  /* set up signal handling */
  memset(&sa, sizeof(struct sigaction), 0);
  sa.sa_handler = handle_signal;
  sigaction(SIGINT, &sa, NULL);


  /* process argument */
  progname = argv[0];
  if (argc != 2)
    usage();
  N = strtol(argv[1], NULL, 10);
  if ((N <= 0) || (N > 5000))
    usage();


  /* calculate prime numbers -- simple sieve */
  candidate = 1;
  for (cnt = 0; cnt < N; ++cnt) {

    for (;;) {
      found = 1;
      divisor = 2;
      candidate += 1;

      while (divisor <= candidate/2) {
   if ((candidate % divisor) == 0) {
     found = 0;
     break;
   }
   else
     ++divisor;
      }
      if (found)
   break;
    }
    printf("%ld\n", candidate);
  }
 
  return 0;
}


Moderator note: edited to add code tags - capi

Author: rvdwestenLocation: Breda, The Netherlands PostPosted: Fri Jul 23, 2010 2:44 pm    Post subject:
    ----
Code:

strcat(cmdbuf, progname);

system(cmdbuf);


Says enough when you see

Code:

progname = argv[0];

Author: capiLocation: Portugal PostPosted: Tue Jul 27, 2010 2:19 am    Post subject:
    ----
What rvdwesten said. Also...
zzddk wrote:
My guess was to use the handle_signal method [...]

The handle_signal... method?!?!?!



Networking/Security Forums -> Programming and More


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group