Advertisement
cyberpunk7925

Untitled

Dec 11th, 2022
72
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 19.47 KB | None | 0 0
  1. STR30-C: DO NOT TRY TO MODIFY STRING LITERAL.
  2.  
  3. VULNERABILITY:
  4. //Str30-c : Don’t try to modify string literal.
  5.  #include<stdio.h>
  6.  
  7. int main ()
  8. {
  9.     char *p = "hii iam good";
  10.     p [0] = 'U';
  11.     return 0;
  12. }
  13. MITIGATION: WE CAN STORE STRING AS AN ARRAY SO, IT IS POSSIBLE TO MODIFY STRING.
  14. #include <stdio.h>
  15. int main()
  16. {
  17. char name[20];
  18. printf("Enter name: ");
  19. scanf("%s", name);
  20. name[0] = 'U';
  21. printf("Your name is %s.", name);
  22. return 0;
  23. }
  24. STR36-C. Do not specify the bound of a character array initialized with a string literal.”
  25. VULNERABILITY:
  26. #include<stdio.h>
  27. int main()
  28. {
  29.     char a[5] = "this is good one";
  30.     printf("%s",a);
  31.     return 0 ;
  32.  
  33. }
  34. MITIGATION:
  35. #include <stdio.h>
  36.        int main()
  37.      {
  38.         char a[] = “iam good”;
  39.          gets(a);
  40.          puts(a);
  41.          return 0;
  42.     }
  43. STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
  44.  
  45.  
  46. VULNERABILITY:
  47. #include <stdio.h>
  48. int main() {
  49.     char s1[4], s2[2], i;
  50.     printf("Enter string s1: ");
  51.     fgets(s1, sizeof(s1), stdin);
  52.  
  53.     for (i = 0; s1[i] != '\0'; ++i) {
  54.         s2[i] = s1[i];
  55.     }
  56.     s2[i] = '\0';
  57.     printf("String s2: %s", s2);
  58.     return 0;
  59. }
  60. MITIGATION:
  61. #include <stdio.h>
  62. int main() {
  63.     char s1[5], s2[5], i;
  64.     printf("Enter string s1: ");
  65.     fgets(s1, sizeof(s1), stdin);
  66. for (i = 0; i <= 4; ++i) {
  67.         s2[i] = s1[i];
  68.     }
  69.     s2[i] = '\0';
  70.     printf("String s2: %s", s2);
  71. return 0;
  72. }
  73. //MSC34-C. Do not use deprecated or obsolescent functions
  74. VULNERABILITY:
  75. #include<stdio.h>
  76. int main()
  77. {
  78.  char s[10];
  79.     gets(s);
  80.     //fgets(s,sizeof(s),stdin);
  81.     printf("%s",s);
  82. }
  83.  
  84.  
  85. //MITIGATION:
  86. #include<stdio.h>
  87. int main()
  88. {
  89.  char s[10];
  90.     //gets(s);
  91.     fgets(s,sizeof(s),stdin);
  92.     printf("%s",s);
  93. }
  94.  
  95. MSC00-C. Compile cleanly at high warning levels
  96. VULNERABILITY:
  97. #include <stdio.h>
  98. #include<string.h>
  99. int main(){
  100.     size_t len;
  101.  char cstr[] = "harley";
  102.  signed char scstr[] = "signed harley";
  103.  unsigned char ucstr[] = "unsigned harley";
  104.  len = strlen(cstr);
  105.  len = strlen(scstr);
  106.  len = strlen(ucstr);
  107.     return 0;
  108. }
  109. //MSC00-C.
  110. // mitigation
  111. #include <stdio.h>
  112. #include<string.h>
  113. int main () {
  114. size_t len;
  115. char cstr[] = "char string";
  116. len = strlen(cstr);
  117. printf("%ld",len);
  118. return(0);
  119. }
  120. TO EXECUTE AND MITIGATE HEAPOVERFLOW
  121. VULNERABILITY:
  122. #include<stdio.h>
  123. int main()
  124. {
  125.     for (int i=0; i<10000000; i++)
  126.     {
  127.        // Allocating memory without freeing it
  128.        int *ptr = (int *)malloc(sizeof(int));
  129.        free(ptr);
  130.     }
  131. }
  132. MITIGATION:
  133. #include<stdio.h>
  134. int main()
  135. {   for (int i=0; i<10000000; i++)
  136.     { // Allocating memory without freeing it
  137.        int *ptr = (int *)malloc(sizeof(int));
  138.        free(ptr);
  139.     }
  140. }
  141. TO EXECUTE AND MITIGATE STACK OVERFLOW
  142. VULNERABILITY:
  143. #include<stdio.h>
  144. void calculate(int a) {
  145.    if (a== 0){
  146.        return ;  }
  147.    else  {
  148.        a = a + 1 ;
  149.        calculate(a); }
  150. }
  151. int main() {
  152.    int a = 1;
  153.    calculate(a);
  154. }
  155. MITIGATION:
  156. #include<stdio.h>
  157. void calculate(int a) {
  158.    if (a== 0){
  159.        return ;  }
  160.    else  {
  161.        a = a - 1 ;
  162.        calculate(a); }
  163. }
  164. int main() {
  165.    int a = 1;
  166.    calculate(a);
  167. }
  168. EXECUTE AND MITIGATE STACKSMASHING
  169. VULNERABILITY:
  170. #include <stdio.h>
  171. #include <string.h>
  172. int main(void)
  173. {
  174.     char buff[20];
  175.     int pass = 0;
  176.     printf("\n Enter the password : \n");
  177.     gets(buff);
  178.     if(strcmp(buff, "ram4444"))
  179.     {
  180.         printf ("\n Wrong Password \n");
  181.     }
  182.     else
  183.     {
  184.         printf ("\n Correct Password \n");
  185.         pass = 1;
  186.     }
  187.     if(pass)
  188.     {
  189.         printf ("granted");
  190.     }
  191.     return 0;
  192. }
  193. //if we enter password length more than buffer size then we will get an error like stack smashing detected
  194. MEM09-C. Do not assume memory allocation functions initialize memory
  195. VULNERABILITY:
  196. #include <stdio.h>
  197. #include<stdlib.h>
  198. int main()
  199. {
  200.     int *arr1=malloc(5*sizeof(int*));
  201.     int sum = 0 ;
  202.     for(int i=0;i<5;i++)
  203.     {
  204.         sum = sum + *(arr1+i);
  205.     }
  206.     printf("sum = %d\n",sum);
  207.   return 0;
  208. }
  209. MITIGATION:
  210. Use calloc() function as it will allocate memory and initialize the values also.
  211.  
  212. #include <stdio.h>
  213. #include<stdlib.h>
  214. int main()
  215. {
  216.     int *arr1=calloc(5,sizeof(int*));
  217.     int sum = 0 ;
  218.     for(int i=0;i<5;i++)
  219.     {
  220.         sum = sum + *(arr1+i);
  221.     }
  222.     printf("sum = %d\n",sum);
  223.   return 0;
  224. }
  225. MEM32-C: Detect and handle memory allocation errors
  226. VULNERABILITY:
  227. #include<stdio.h>
  228. #include<stdlib.h>
  229. int main()
  230. {
  231.  int *arr1=calloc(-5,sizeof(int));
  232.  return 0;
  233. }
  234. mitigation:
  235. #include<stdio.h>
  236. #include<stdlib.h>
  237. int main()
  238. {
  239.  int *arr1=calloc(-5,sizeof(int));
  240.  if(arr1!=NULL)
  241.  {
  242.  printf("Memory is allocated\n");
  243.  printf("The array is: ");
  244.  for(int i=0;i<5;i++)
  245.  {
  246.  printf("%d ",*(arr1+i));
  247.  }
  248.  }
  249.  else
  250.  {
  251.  printf("Memory isn't allocated\n");
  252.  }
  253.  return 0;
  254. }
  255. EXP34-C. Do not dereference null pointers – Deference Null or Invalid pointers
  256. VULNERABILITY:
  257. #include<stdio.h>
  258. #include<stdlib.h>
  259. int main(int argc, char **argv){
  260.     int *ptr = (int*)malloc(sizeof(int));
  261.     ptr = NULL;
  262.     printf("%d",*ptr);
  263.     return 0 ;    
  264. }
  265. MITIGATION:
  266. #include<stdio.h>
  267. #include<stdlib.h>
  268. int main(int argc, char **argv){
  269.     int *ptr = (int*)malloc(sizeof(int));
  270.     if ( ptr != NULL )
  271.     {
  272.          *ptr = 5 ;
  273.           printf("%d",*ptr);
  274.     }
  275.     else
  276.     {
  277.         printf("memory is not created");
  278.     }
  279.     return 0 ;
  280.  
  281. }
  282. CWE-416: Use After Free
  283. #include <stdio.h>
  284. #include <unistd.h>
  285. int main()
  286. {
  287.     int *p = (int*)malloc(sizeof(int));
  288.     *p = 6 ;
  289.     free(p);
  290.     *p = 4;
  291.     printf("%d",*p);
  292.     return 0 ;
  293. }
  294. After deallocating the memory user is still able to modify the value in the memory as the pointer still stores the address of that memory, so after deallocating the memory we need to point pointer to NULL.
  295.  
  296.  
  297. #include <stdio.h>
  298. #include <unistd.h>
  299. int main(int argc, char **argv)
  300. {
  301. int *p = (int*)malloc(sizeof(int));
  302. *p = 6 ;
  303. free(p);
  304. p = NULL;
  305. *p = 4;
  306. return 0 ;
  307. }
  308. Cwe415-c : double free
  309. VULNERABILITY:
  310. #include<stdio.h>
  311. int main(){
  312.     int * p = (int *)malloc(sizeof(int));
  313.     free(p);
  314.     free(p);
  315.     return 0;
  316. }
  317. MITIGATION:
  318. #include<stdio.h>
  319. int main(){
  320.     int * p = (int *)malloc(sizeof(int));
  321.     free(p);
  322.     p = NULL;
  323.     free(p);
  324.     return 0;
  325. }
  326. CWE-401: Missing Release of Memory after Effective Lifetime
  327. VULNERABILITY:
  328. #include <stdlib.h>
  329. #include<stdio.h>
  330. int main()
  331. {
  332.  int *ptr = (int *) malloc(sizeof(int));
  333.   return 0 ;
  334. }
  335. MITIGATION:
  336. #include <stdlib.h>
  337. #include<stdio.h>
  338. int main(){
  339.  int *ptr = (int *) malloc(sizeof(int));
  340.  if ( ptr != NULL)
  341.  {
  342.      free(ptr);
  343.      printf("memory freed");}
  344.  return 0 ;
  345.  }
  346. “MEM04-C. Do not perform zero-length allocations,” provides additional guidance about zero-length allocations.
  347. VULNERABILITY:
  348. #include <stdio.h>
  349. #include <unistd.h>
  350. int main()
  351. {
  352.     int *p = (int*)malloc(sizeof(int));
  353.     int size ;
  354.     printf("enter size to reallocate:");
  355.     scanf("%d",size);
  356.     p = (int*)realloc(p,size);
  357.     printf("%d",*p);
  358. }
  359. MITIGATION:
  360. #include <stdio.h>
  361. #include<stdlib.h>
  362. int main()
  363. {
  364.     int *p = (int*)malloc(sizeof(int));
  365.     int size ;
  366.     printf("enter size to reallocate:");
  367.     scanf("%d",&size);
  368.     if (size == 0)
  369.     {
  370.         printf("re-enter the size :");
  371.         scanf("%d",&size);
  372.     }
  373.     else
  374.     {
  375.         p = (int*)realloc(p,size);
  376.         printf("%d",p[0]);
  377.     }
  378.     return 0 ;
  379. }
  380. TRUNCATION VULNERABILITY:
  381. // storing a large data type in a short data type leads to loss of data
  382. #include <stdio.h>
  383. #include<stdlib.h>
  384. #include<limits.h>
  385. int main()
  386. {
  387.     unsigned int *p = (int*)malloc(sizeof( unsigned int));
  388.     *p = UINT_MAX;
  389.     printf("UINT_MAX = %u\n",*p);
  390.     unsigned int *c = (int*)malloc(sizeof(unsigned int));
  391.     *c = UINT_MAX+1;
  392.     printf("UINT_MAX =  = %u\n",*c);
  393.     unsigned short d = *p + *c;
  394.     printf("value out unsigned integer: %u\n", *p +*c);
  395.     printf("value out unsigned short integer: %u", d);
  396.  
  397.    return 0;
  398. }
  399. COVERSION OF INTERGERS
  400. // CHANGE IN SIGN WHEN CONVERTING FROM UNSIGNED TO SIGNED OR SIGNED TO UNSIGNED leads to loss of sign(conversion).
  401. #include <stdio.h>
  402. #include<stdlib.h>
  403. #include<limits.h>
  404. int main()
  405. {
  406.     unsigned int *a = (int*)malloc(sizeof(unsigned int));
  407.     *a = UINT_MAX;
  408.     int *b = (int*)malloc(sizeof(int));
  409.     *b = *a;
  410.      printf("signed range: %d <= x <= %d \n", INT_MIN,INT_MAX);
  411.      printf("unsigned range: %u <= x <= %u\n ", 0,UINT_MAX);
  412.      printf("unsigned int value = %u\n",*a);
  413.      printf(" signed  int value = %d",*b);
  414.  
  415.    return 0;
  416. }
  417. MITIGATION:
  418. #include <stdio.h>
  419. #include <stdlib.h>
  420. #include<string.h>
  421. int main(){
  422. unsigned int size=-1;
  423. char *input_str="ksjdbfks";
  424. int *array;
  425. if (size < 3) {
  426. char *c_str = (char *)malloc(size);
  427. memcpy(c_str, input_str, 30);
  428. printf("%s",c_str);}
  429. else{
  430. printf("cant pass negetive values into malloc");
  431. }
  432. return(0);
  433. }
  434. To execute and implement formatted outputs.
  435. frpintf():
  436. CODE:
  437. #include<stdio.h>
  438. int main(int argc, char** argv)
  439. {
  440. printf(argv[1]);
  441. return0;
  442. }
  443. MITIGATION:
  444. #include<stdio.h>
  445. int main(int argc, char** argv)
  446. {
  447. printf("%s",argv[1]);
  448. return 0;
  449. }
  450. sprintf():
  451. CODE:
  452. #include<stdio.h>
  453. int main()
  454. {
  455. char buffer[50];
  456. int a = 10, b = 20, c;
  457. c = a + b;
  458. sprintf(buffer, "sum of two numbersssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss
  459. is %d", c);
  460. printf("%s", buffer);
  461. return 0;
  462. }
  463. MITIGATION:
  464. #include<stdio.h>
  465. int main()
  466. {
  467. char buffer[50];
  468. int a = 10, b = 20, c;
  469. c = a + b;
  470. snprintf(buffer,25, "Sum of %d and %d is %d k", a, b, c);
  471. printf("%d", (int)sizeof(buffer));
  472. return 0;
  473. }
  474. fprintf():
  475. CODE:
  476. #include<stdio.h>
  477. int main()
  478. {
  479. int i, n=2;
  480. char str[50];
  481. FILE *fptr = fopen("sample.txt", "w");
  482. if (fptr == NULL)
  483. {
  484. printf("Could not open file");
  485. return 0;
  486. }
  487. for (i=0; i<n; i++)
  488. {
  489. puts("Enter a name");
  490. gets(str);
  491. fprintf(fptr,"%d.%s\n", i, str);
  492. }
  493. fclose(fptr);
  494. return 0;
  495. }
  496.  
  497.  
  498. RAW Paste Data
  499. STR30-C: DO NOT TRY TO MODIFY STRING LITERAL.
  500.  
  501. VULNERABILITY:
  502. //Str30-c : Don’t try to modify string literal.
  503.  #include<stdio.h>
  504.  
  505. int main ()
  506. {
  507.     char *p = "hii iam good";
  508.     p [0] = 'U';
  509.     return 0;
  510. }
  511. MITIGATION: WE CAN STORE STRING AS AN ARRAY SO, IT IS POSSIBLE TO MODIFY STRING.
  512. #include <stdio.h>
  513. int main()
  514. {
  515. char name[20];
  516. printf("Enter name: ");
  517. scanf("%s", name);
  518. name[0] = 'U';
  519. printf("Your name is %s.", name);
  520. return 0;
  521. }
  522. STR36-C. Do not specify the bound of a character array initialized with a string literal.”
  523. VULNERABILITY:
  524. #include<stdio.h>
  525. int main()
  526. {
  527.     char a[5] = "this is good one";
  528.     printf("%s",a);
  529.     return 0 ;
  530.  
  531. }
  532. MITIGATION:
  533. #include <stdio.h>
  534.        int main()
  535.      {
  536.         char a[] = “iam good”;
  537.          gets(a);
  538.          puts(a);
  539.          return 0;
  540.     }
  541. STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
  542.  
  543.  
  544. VULNERABILITY:
  545. #include <stdio.h>
  546. int main() {
  547.     char s1[4], s2[2], i;
  548.     printf("Enter string s1: ");
  549.     fgets(s1, sizeof(s1), stdin);
  550.  
  551.     for (i = 0; s1[i] != '\0'; ++i) {
  552.         s2[i] = s1[i];
  553.     }
  554.     s2[i] = '\0';
  555.     printf("String s2: %s", s2);
  556.     return 0;
  557. }
  558. MITIGATION:
  559. #include <stdio.h>
  560. int main() {
  561.     char s1[5], s2[5], i;
  562.     printf("Enter string s1: ");
  563.     fgets(s1, sizeof(s1), stdin);
  564. for (i = 0; i <= 4; ++i) {
  565.         s2[i] = s1[i];
  566.     }
  567.     s2[i] = '\0';
  568.     printf("String s2: %s", s2);
  569. return 0;
  570. }
  571.  
  572. MSC00-C. Compile cleanly at high warning levels
  573. VULNERABILITY:
  574. #include <stdio.h>
  575. #include<string.h>
  576. int main(){
  577.     size_t len;
  578.  char cstr[] = "harley";
  579.  signed char scstr[] = "signed harley";
  580.  unsigned char ucstr[] = "unsigned harley";
  581.  len = strlen(cstr);
  582.  len = strlen(scstr);
  583.  len = strlen(ucstr);
  584.     return 0;
  585. }
  586. TO EXECUTE AND MITIGATE HEAPOVERFLOW
  587. VULNERABILITY:
  588. #include<stdio.h>
  589. int main()
  590. {
  591.     for (int i=0; i<10000000; i++)
  592.     {
  593.        // Allocating memory without freeing it
  594.        int *ptr = (int *)malloc(sizeof(int));
  595.        free(ptr);
  596.     }
  597. }
  598. MITIGATION:
  599. #include<stdio.h>
  600. int main()
  601. {   for (int i=0; i<10000000; i++)
  602.     { // Allocating memory without freeing it
  603.        int *ptr = (int *)malloc(sizeof(int));
  604.        free(ptr);
  605.     }
  606. }
  607. TO EXECUTE AND MITIGATE STACK OVERFLOW
  608. VULNERABILITY:
  609. #include<stdio.h>
  610. void calculate(int a) {
  611.    if (a== 0){
  612.        return ;  }
  613.    else  {
  614.        a = a + 1 ;
  615.        calculate(a); }
  616. }
  617. int main() {
  618.    int a = 1;
  619.    calculate(a);
  620. }
  621. MITIGATION:
  622. #include<stdio.h>
  623. void calculate(int a) {
  624.    if (a== 0){
  625.        return ;  }
  626.    else  {
  627.        a = a - 1 ;
  628.        calculate(a); }
  629. }
  630. int main() {
  631.    int a = 1;
  632.    calculate(a);
  633. }
  634. EXECUTE AND MITIGATE STACKSMASHING
  635. VULNERABILITY:
  636. #include <stdio.h>
  637. #include <string.h>
  638. int main(void)
  639. {
  640.     char buff[20];
  641.     int pass = 0;
  642.     printf("\n Enter the password : \n");
  643.     gets(buff);
  644.     if(strcmp(buff, "ram4444"))
  645.     {
  646.         printf ("\n Wrong Password \n");
  647.     }
  648.     else
  649.     {
  650.         printf ("\n Correct Password \n");
  651.         pass = 1;
  652.     }
  653.     if(pass)
  654.     {
  655.         printf ("granted");
  656.     }
  657.     return 0;
  658. }
  659. //if we enter password length more than buffer size then we will get an error like stack smashing detected
  660. MEM09-C. Do not assume memory allocation functions initialize memory
  661. VULNERABILITY:
  662. #include <stdio.h>
  663. #include<stdlib.h>
  664. int main()
  665. {
  666.     int *arr1=malloc(5*sizeof(int*));
  667.     int sum = 0 ;
  668.     for(int i=0;i<5;i++)
  669.     {
  670.         sum = sum + *(arr1+i);
  671.     }
  672.     printf("sum = %d\n",sum);
  673.   return 0;
  674. }
  675. MITIGATION:
  676. Use calloc() function as it will allocate memory and initialize the values also.
  677.  
  678. #include <stdio.h>
  679. #include<stdlib.h>
  680. int main()
  681. {
  682.     int *arr1=calloc(5,sizeof(int*));
  683.     int sum = 0 ;
  684.     for(int i=0;i<5;i++)
  685.     {
  686.         sum = sum + *(arr1+i);
  687.     }
  688.     printf("sum = %d\n",sum);
  689.   return 0;
  690. }
  691. MEM32-C: Detect and handle memory allocation errors
  692. VULNERABILITY:
  693. #include<stdio.h>
  694. #include<stdlib.h>
  695. int main()
  696. {
  697.  int *arr1=calloc(-5,sizeof(int));
  698.  return 0;
  699. }
  700. mitigation:
  701. #include<stdio.h>
  702. #include<stdlib.h>
  703. int main()
  704. {
  705.  int *arr1=calloc(-5,sizeof(int));
  706.  if(arr1!=NULL)
  707.  {
  708.  printf("Memory is allocated\n");
  709.  printf("The array is: ");
  710.  for(int i=0;i<5;i++)
  711.  {
  712.  printf("%d ",*(arr1+i));
  713.  }
  714.  }
  715.  else
  716.  {
  717.  printf("Memory isn't allocated\n");
  718.  }
  719.  return 0;
  720. }
  721. EXP34-C. Do not dereference null pointers – Deference Null or Invalid pointers
  722. VULNERABILITY:
  723. #include<stdio.h>
  724. #include<stdlib.h>
  725. int main(int argc, char **argv){
  726.     int *ptr = (int*)malloc(sizeof(int));
  727.     ptr = NULL;
  728.     printf("%d",*ptr);
  729.     return 0 ;    
  730. }
  731. MITIGATION:
  732. #include<stdio.h>
  733. #include<stdlib.h>
  734. int main(int argc, char **argv){
  735.     int *ptr = (int*)malloc(sizeof(int));
  736.     if ( ptr != NULL )
  737.     {
  738.          *ptr = 5 ;
  739.           printf("%d",*ptr);
  740.     }
  741.     else
  742.     {
  743.         printf("memory is not created");
  744.     }
  745.     return 0 ;
  746.  
  747. }
  748. CWE-416: Use After Free
  749. #include <stdio.h>
  750. #include <unistd.h>
  751. int main()
  752. {
  753.     int *p = (int*)malloc(sizeof(int));
  754.     *p = 6 ;
  755.     free(p);
  756.     *p = 4;
  757.     printf("%d",*p);
  758.     return 0 ;
  759. }
  760. After deallocating the memory user is still able to modify the value in the memory as the pointer still stores the address of that memory, so after deallocating the memory we need to point pointer to NULL.
  761.  
  762.  
  763. #include <stdio.h>
  764. #include <unistd.h>
  765. int main(int argc, char **argv)
  766. {
  767. int *p = (int*)malloc(sizeof(int));
  768. *p = 6 ;
  769. free(p);
  770. p = NULL;
  771. *p = 4;
  772. return 0 ;
  773. }
  774. Cwe415-c : double free
  775. VULNERABILITY:
  776. #include<stdio.h>
  777. int main(){
  778.     int * p = (int *)malloc(sizeof(int));
  779.     free(p);
  780.     free(p);
  781.     return 0;
  782. }
  783. MITIGATION:
  784. #include<stdio.h>
  785. int main(){
  786.     int * p = (int *)malloc(sizeof(int));
  787.     free(p);
  788.     p = NULL;
  789.     free(p);
  790.     return 0;
  791. }
  792. CWE-401: Missing Release of Memory after Effective Lifetime
  793. VULNERABILITY:
  794. #include <stdlib.h>
  795. #include<stdio.h>
  796. int main()
  797. {
  798.  int *ptr = (int *) malloc(sizeof(int));
  799.   return 0 ;
  800. }
  801. MITIGATION:
  802. #include <stdlib.h>
  803. #include<stdio.h>
  804. int main(){
  805.  int *ptr = (int *) malloc(sizeof(int));
  806.  if ( ptr != NULL)
  807.  {
  808.      free(ptr);
  809.      printf("memory freed");}
  810.  return 0 ;
  811.  }
  812. “MEM04-C. Do not perform zero-length allocations,” provides additional guidance about zero-length allocations.
  813. VULNERABILITY:
  814. #include <stdio.h>
  815. #include <unistd.h>
  816. int main()
  817. {
  818.     int *p = (int*)malloc(sizeof(int));
  819.     int size ;
  820.     printf("enter size to reallocate:");
  821.     scanf("%d",size);
  822.     p = (int*)realloc(p,size);
  823.     printf("%d",*p);
  824. }
  825. MITIGATION:
  826. #include <stdio.h>
  827. #include<stdlib.h>
  828. int main()
  829. {
  830.     int *p = (int*)malloc(sizeof(int));
  831.     int size ;
  832.     printf("enter size to reallocate:");
  833.     scanf("%d",&size);
  834.     if (size == 0)
  835.     {
  836.         printf("re-enter the size :");
  837.         scanf("%d",&size);
  838.     }
  839.     else
  840.     {
  841.         p = (int*)realloc(p,size);
  842.         printf("%d",p[0]);
  843.     }
  844.     return 0 ;
  845. }
  846. TRUNCATION VULNERABILITY:
  847. // storing a large data type in a short data type leads to loss of data
  848. #include <stdio.h>
  849. #include<stdlib.h>
  850. #include<limits.h>
  851. int main()
  852. {
  853.     unsigned int *p = (int*)malloc(sizeof( unsigned int));
  854.     *p = UINT_MAX;
  855.     printf("UINT_MAX = %u\n",*p);
  856.     unsigned int *c = (int*)malloc(sizeof(unsigned int));
  857.     *c = UINT_MAX+1;
  858.     printf("UINT_MAX =  = %u\n",*c);
  859.     unsigned short d = *p + *c;
  860.     printf("value out unsigned integer: %u\n", *p +*c);
  861.     printf("value out unsigned short integer: %u", d);
  862.  
  863.    return 0;
  864. }
  865. COVERSION OF INTERGERS
  866. // CHANGE IN SIGN WHEN CONVERTING FROM UNSIGNED TO SIGNED OR SIGNED TO UNSIGNED leads to loss of sign(conversion).
  867. #include <stdio.h>
  868. #include<stdlib.h>
  869. #include<limits.h>
  870. int main()
  871. {
  872.     unsigned int *a = (int*)malloc(sizeof(unsigned int));
  873.     *a = UINT_MAX;
  874.     int *b = (int*)malloc(sizeof(int));
  875.     *b = *a;
  876.      printf("signed range: %d <= x <= %d \n", INT_MIN,INT_MAX);
  877.      printf("unsigned range: %u <= x <= %u\n ", 0,UINT_MAX);
  878.      printf("unsigned int value = %u\n",*a);
  879.      printf(" signed  int value = %d",*b);
  880.  
  881.    return 0;
  882. }
  883. MITIGATION:
  884. #include <stdio.h>
  885. #include <stdlib.h>
  886. #include<string.h>
  887. int main(){
  888. unsigned int size=-1;
  889. char *input_str="ksjdbfks";
  890. int *array;
  891. if (size < 3) {
  892. char *c_str = (char *)malloc(size);
  893. memcpy(c_str, input_str, 30);
  894. printf("%s",c_str);}
  895. else{
  896. printf("cant pass negetive values into malloc");
  897. }
  898. return(0);
  899. }
  900. To execute and implement formatted outputs.
  901. frpintf():
  902. CODE:
  903. #include<stdio.h>
  904. int main(int argc, char** argv)
  905. {
  906. printf(argv[1]);
  907. return0;
  908. }
  909. MITIGATION:
  910. #include<stdio.h>
  911. int main(int argc, char** argv)
  912. {
  913. printf("%s",argv[1]);
  914. return 0;
  915. }
  916. sprintf():
  917. CODE:
  918. #include<stdio.h>
  919. int main()
  920. {
  921. char buffer[50];
  922. int a = 10, b = 20, c;
  923. c = a + b;
  924. sprintf(buffer, "sum of two numbersssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss
  925. is %d", c);
  926. printf("%s", buffer);
  927. return 0;
  928. }
  929. MITIGATION:
  930. #include<stdio.h>
  931. int main()
  932. {
  933. char buffer[50];
  934. int a = 10, b = 20, c;
  935. c = a + b;
  936. snprintf(buffer,25, "Sum of %d and %d is %d k", a, b, c);
  937. printf("%d", (int)sizeof(buffer));
  938. return 0;
  939. }
  940. fprintf():
  941. CODE:
  942. #include<stdio.h>
  943. int main()
  944. {
  945. int i, n=2;
  946. char str[50];
  947. FILE *fptr = fopen("sample.txt", "w");
  948. if (fptr == NULL)
  949. {
  950. printf("Could not open file");
  951. return 0;
  952. }
  953. for (i=0; i<n; i++)
  954. {
  955. puts("Enter a name");
  956. gets(str);
  957. fprintf(fptr,"%d.%s\n", i, str);
  958. }
  959. fclose(fptr);
  960. return 0;
  961. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement