12 interesting questions and answers in C Language

Source: Internet
Author: User
Tags password protection

12 interesting questions and answers in C Language

12 questions in C language, involving pointers, processes, operations, struct, functions, and memory. Let's see how many questions you can make!

1. gets () function

Q: Please find out the problem in the following code:

#include
 
   int main(void) {     char buff[10];     memset(buff,0,sizeof(buff));     gets(buff);     printf( The buffer entered is [%s],buff);     return 0; }
 

A: The problem in the code above lies in the use of the function gets (). This function receives a string from stdin without checking the cache volume it copies, which may cause cache overflow. We recommend that you use the standard function fgets.

2. strcpy () function

Q: The following is a simple password protection function. Can you crack the password without knowing it?

#include
 
   int main(int argc, char *argv[]) {     int flag = 0;     char passwd[10];     memset(passwd,0,sizeof(passwd));     strcpy(passwd, argv[1]);     if(0 == strcmp(LinuxGeek, passwd))     {         flag = 1;     }     if(flag)     {         printf( Password cracked );     }     else     {         printf( Incorrect passwd );     }     return 0; }
 

A: The key to cracking the preceding encryption is to use the strcpy () function. Therefore, when users Input random passwords to the passwd cache, they do not check whether the capacity of passwd is sufficient in advance. Therefore, if you enter a long "password" that is sufficient to cause cache overflow and overwrite the default value of the "flag" variable, even if the password cannot pass verification, the flag verification bit becomes non-zero, so that the protected data can be obtained. For example:

$ ./psswd aaaaaaaaaaaaa Password cracked

Although the above password is incorrect, we can still bypass password security protection through cache overflow.

To avoid this problem, we recommend using the strncpy () function.

Note: The latest compiler detects the possibility of stack overflow internally, so it is difficult to store variables in the stack to cause stack overflow. This is the case by default in my gcc, so I have to use the compile command '-fno-stack-protector' to implement the above scheme.

3. main () return type

Q: Can the following code be compiled? If yes, is there any potential problems?

#include
 
   void main(void) {     char *ptr = (char*)malloc(10);     if(NULL == ptr)     {         printf( Malloc failed );         return;     }     else     {         // Do some processing         free(ptr);     }     return; }
 

A: Because of the return type of the main () method, errors in this Code are considered as warnings in most compilers. The return type of main () should be "int" rather than "void ". Because the "int" return type causes the program to return the status value. This is very important, especially when a program is running as part of a script dependent on the successful running of the program.

4. Memory leakage

Q: Will the following code cause memory leakage?

#include
 
   void main(void) {     char *ptr = (char*)malloc(10);     if(NULL == ptr)     {         printf( Malloc failed );         return;     }     else     {         // Do some processing     }     return; }
 

A: Although the above Code does not release the memory allocated to the "ptr", it does not cause memory leakage after the program exits. After the program ends, all the memory allocated by the program will be automatically processed. However, if the above Code is in a "while loop", it will lead to a serious memory leakage problem!

Tip: If you want to know

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.