Skip to content
Snippets Groups Projects
Normal view Permalink
cwe190.c 1005 B
Newer Older
Andre Maroneze's avatar
Initial commit
Andre Maroneze committed
1 2 3 
// Based on MITRE's CWE-190, demonstrative example 2
// https://cwe.mitre.org/data/definitions/190.html
Andre Maroneze's avatar
[basic-cwe-examples] use size_t for a more definite error in 64-bit machdep  
Andre Maroneze committed
4 
#include <stdint.h>
Andre Maroneze's avatar
Initial commit
Andre Maroneze committed
5 6 
#include <stdlib.h>
Andre Maroneze's avatar
[basic-cwe-examples] use size_t for a more definite error in 64-bit machdep  
Andre Maroneze committed
7 8 9 
volatile size_t _rand;
// returns a random size_t
size_t random_size_t(void) {
Andre Maroneze's avatar
[basic-cwe-examples] add Makefile and improvements  
Andre Maroneze committed
10 11 12 
  return _rand;
}
Andre Maroneze's avatar
[basic-cwe-examples] use size_t for a more definite error in 64-bit machdep  
Andre Maroneze committed
13 14 
size_t packet_get_size_t_ok() {
  return random_size_t() ? 0 : 123456; // ok size
Andre Maroneze's avatar
Initial commit
Andre Maroneze committed
15 16 
}
Andre Maroneze's avatar
[basic-cwe-examples] use size_t for a more definite error in 64-bit machdep  
Andre Maroneze committed
17 18 
size_t packet_get_size_t_problem() {
  return random_size_t() ? (SIZE_MAX/2+1) : 0; // too large
Andre Maroneze's avatar
Initial commit
Andre Maroneze committed
19 20 21 22 23 24 25 26 
}

char *packet_get_string(const char *s) {
  return "string";
}

int main() {
  char **response;
Andre Maroneze's avatar
[basic-cwe-examples] use size_t for a more definite error in 64-bit machdep  
Andre Maroneze committed
27 
  size_t nresp = packet_get_size_t_ok();
Andre Maroneze's avatar
Initial commit
Andre Maroneze committed
28 29 
  if (nresp > 0) {
    response = malloc(nresp*sizeof(char*));
Andre Maroneze's avatar
[basic-cwe-examples] add Makefile and improvements  
Andre Maroneze committed
30 
    if (!response) exit(1);
Andre Maroneze's avatar
[basic-cwe-examples] use size_t for a more definite error in 64-bit machdep  
Andre Maroneze committed
31 
    for (size_t i = 0; i < nresp; i++) response[i] = packet_get_string(NULL);
Andre Maroneze's avatar
[basic-cwe-examples] add Makefile and improvements  
Andre Maroneze committed
32 
    free(response);
Andre Maroneze's avatar
Initial commit
Andre Maroneze committed
33 34 
  }
Andre Maroneze's avatar
[basic-cwe-examples] use size_t for a more definite error in 64-bit machdep  
Andre Maroneze committed
35 
  nresp = packet_get_size_t_problem();
Andre Maroneze's avatar
Initial commit
Andre Maroneze committed
36 37 
  if (nresp > 0) {
    response = malloc(nresp*sizeof(char*));
Andre Maroneze's avatar
[basic-cwe-examples] add Makefile and improvements  
Andre Maroneze committed
38 
    if (!response) exit(1);
Andre Maroneze's avatar
[basic-cwe-examples] use size_t for a more definite error in 64-bit machdep  
Andre Maroneze committed
39 
    for (size_t i = 0; i < nresp; i++) response[i] = packet_get_string(NULL);
Andre Maroneze's avatar
[basic-cwe-examples] add Makefile and improvements  
Andre Maroneze committed
40 
    free(response);
Andre Maroneze's avatar
Initial commit
Andre Maroneze committed
41 42 43 
  }
  return 0;
}