projects
/
cfe_generate_password.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix off-by-one buffer overflows
[cfe_generate_password.git]
/
cfe_generate_password.c
diff --git
a/cfe_generate_password.c
b/cfe_generate_password.c
index
0fe8273
..
2e21b45
100644
(file)
--- a/
cfe_generate_password.c
+++ b/
cfe_generate_password.c
@@
-60,11
+60,12
@@
#include <stdarg.h>
#include <string.h>
#include <stdarg.h>
#include <string.h>
-static const float VERSION = 1.
0
f;
+static const float VERSION = 1.
1
f;
static const size_t TIMESTAMP_SIZE = 6;
static const size_t SEED_SIZE = 12;
static const size_t PASSWORD_SIZE = 8;
static const size_t MESSAGE_SIZE = 128;
static const size_t TIMESTAMP_SIZE = 6;
static const size_t SEED_SIZE = 12;
static const size_t PASSWORD_SIZE = 8;
static const size_t MESSAGE_SIZE = 128;
+static const size_t MAC_ADDR_SIZE = 17;
static void
pr_usage()
static void
pr_usage()
@@
-85,12
+86,12
@@
static void
pr_error_exit(unsigned int usage, const char *error, ...)
{
va_list args;
pr_error_exit(unsigned int usage, const char *error, ...)
{
va_list args;
- char error_message[MESSAGE_SIZE];
+ char error_message[MESSAGE_SIZE
+ 1
];
if (!error) return;
va_start(args, error);
if (!error) return;
va_start(args, error);
- (void) vsnprintf(error_message, MESSAGE_SIZE, error, args);
+ (void) vsnprintf(error_message, MESSAGE_SIZE
+ 1
, error, args);
va_end(args);
fprintf(stderr, "Error: %s\n", error_message);
va_end(args);
fprintf(stderr, "Error: %s\n", error_message);
@@
-114,11
+115,11
@@
static unsigned int
generate_seed(char *mac, char *timestamp, char *seed)
{
unsigned int result = 0;
generate_seed(char *mac, char *timestamp, char *seed)
{
unsigned int result = 0;
- if (mac && strlen(mac) ==
17
) {
+ if (mac && strlen(mac) ==
MAC_ADDR_SIZE
) {
size_t i;
char *mac_ptr = mac + 9;
size_t ts_len = strlen(timestamp);
size_t i;
char *mac_ptr = mac + 9;
size_t ts_len = strlen(timestamp);
- for (i = 0; i <
=
SEED_SIZE; ++i) {
+ for (i = 0; i < SEED_SIZE; ++i) {
/* if no timestamp assume CFE get_time() returned 0 and CFE g_pw_timestamp == 0x00000000 */
if (i < 6)
seed[i] = ts_len ? timestamp[i] : '0';
/* if no timestamp assume CFE get_time() returned 0 and CFE g_pw_timestamp == 0x00000000 */
if (i < 6)
seed[i] = ts_len ? timestamp[i] : '0';
@@
-140,7
+141,7
@@
generate_pass(char *seed, char *password)
{
unsigned int result = 0;
{
unsigned int result = 0;
- if (seed && strlen(seed) ==
12
) {
+ if (seed && strlen(seed) ==
SEED_SIZE
) {
unsigned int timestamp, byte, key, pass;
timestamp = byte = 0;
if(! sscanf(seed, "%06x", ×tamp))
unsigned int timestamp, byte, key, pass;
timestamp = byte = 0;
if(! sscanf(seed, "%06x", ×tamp))
@@
-230,7
+231,8
@@
main(int argc, char **argv, char **env)
if (! generate_pass(seed, password))
pr_error_exit(0, "unable to generate password");
if (! generate_pass(seed, password))
pr_error_exit(0, "unable to generate password");
- printf("MAC address: %s Timestamp: %s Seed: %s Password: %s\n", MAC_ADDR, timestamp, seed, password);
+ if (opt_seed || opt_pass)
+ printf("MAC address: %s Timestamp: %s Seed: %s Password: %s\n", MAC_ADDR, timestamp, seed, password);
}
return result;
}
return result;