
Commit 23647d3

committedFeb 12, 2020
Initial Commit
0 parents  commit 23647d3


4 files changed

+105
-0
lines changed

 

‎bin/supersafeprogram

28.5 KB
Binary file not shown.

‎bin/supersafeprogramgcc

16.6 KB
Binary file not shown.

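--- a/input/init_input
+++ b/input/init_input
@@ -0,0 +1,5 @@
+SAFEFILEHEADER
+A
+TEST
+ABC
+DEF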

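--- a/supersafeprogram.c
+++ b/supersafeprogram.c
@@ -0,0 +1,100 @@
+// ------------------------------------------------------------
+// File: supersafeprogram.c
+// Created by: Secure D Center Team
+// Date: 11 Feb 2020
+// Description: Target file for fuzzing example
+// Compiling: afl-gcc supersafeprogram.c -o supersafeprogram
+// Usage: ./supersafeprogram input_file
+// ------------------------------------------------------------
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+char *strrev(char *str)
+{
+if (!str || ! *str)
+return str;
+
+int i = strlen(str) - 2, j = 0;
+
+char ch;
+while (i > j)
+{
+ch = str[i];
+str[i] = str[j];
+str[j] = ch;
+i--;
+j++;
+}
+return str;
+}
+
+int main(int argc, char* argv[]) {
+if (argc != 2) {
+printf("Usage: %s input_file\n", argv[0]);
+return 1;
+}
+
+int line_num = 1;
+char * line = NULL;
+size_t len = 0;
+ssize_t read_count;
+char buffer[20];
+int mode = 0;
+FILE *file_pointer;
+
+// Can't open file
+if ((file_pointer = fopen(argv[1], "r")) == NULL) {
+printf("Can't open %s\n", argv[1]);
+exit(1);
+}
+
+while ((read_count = getline(&line, &len, file_pointer)) != -1) {
+// Line 1 must be "SAFEFILEHEADER"
+if (line_num == 1) {
+if (read_count != 15 || strncmp("SAFEFILEHEADER\n", line, 15) != 0) {
+printf("Invalid file!\n");
+exit(1);
+}
+line_num++;
+continue;
+}
+// Line 2 must be "A" or "Z"
+else if (line_num == 2) {
+if (read_count != 2) {
+printf("Invalid mode!\n");
+exit(1);
+}
+switch(line[0]) {
+// Mode A prints out each line
+case 'A':
+mode = 1;
+printf("==Mode A==\n");
+break;
+// Mode Z copies line to buffer variable and prints the variable
+case 'Z':
+mode = 2;
+printf("==Mode Z==\n");
+break;
+// Others are invalid
+default:
+printf("Invalid mode!\n");
+exit(1);
+}
+}
+// Use dangerous function in mode 2
+else {
+if (mode == 1) {
+printf("%s", line);
+}
+else if (mode == 2) {
+strcpy(buffer, line);
+printf("%s", strrev(buffer));
+}
+}
+line_num++;
+}
+
+return 0;
+}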
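Review bot: The `strcpy(buffer, line)` in the mode-2 branch of `main` copies a `getline()` line of unbounded length into `char buffer[20]`, so any line of 20 bytes or more writes past the stack buffer. The file header calls this a fuzzing target and the comment above the branch says "dangerous function", so the defect looks deliberate, but the comment never states what it is. I would spell it out, e.g. `// INTENTIONAL BUG (fuzzing target): line may exceed sizeof buffer; a safe version is snprintf(buffer, sizeof buffer, "%s", line)`, so the pattern is not copied and the target is not "fixed" by accident. Separately, `strrev` starts at `strlen(str) - 2` on the assumption that the string ends in a newline, so a final line without one keeps its last character in place, and the name collides with the non-standard `strrev` that some C libraries ship. `line` and `file_pointer` are also never released before `return 0`.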
