トップ «前の日記(2015年01月18日) 最新 次の日記(2015年03月05日)» 編集

Masa's blog

検索キーワード:

2015年01月31日 check program for GHOST [長年日記]

_ check program for GHOST

#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>

#define CANARY "in_the_coal_mine"

struct
{
  char buffer[1024];
  char canary[sizeof (CANARY)];
}
temp =
{
"buffer", CANARY};

int
main (void)
{
  struct hostent resbuf;
  struct hostent *result;
  int herrno;
  int retval;

		  /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
  size_t len =
    sizeof (temp.buffer) - 16 * sizeof (unsigned char) - 2 * sizeof (char *) -
    1;
  char name[sizeof (temp.buffer)];
  memset (name, '0', len);
  name[len] = '\0';

  retval =
    gethostbyname_r (name, &resbuf, temp.buffer, sizeof (temp.buffer),
		     &result, &herrno);

  if (strcmp (temp.canary, CANARY) != 0)
    {
      puts ("vulnerable");
      exit (EXIT_SUCCESS);
    }
  if (retval == ERANGE)
    {
      puts ("not vulnerable");
      exit (EXIT_SUCCESS);
    }
  puts ("should not happen");
  exit (EXIT_FAILURE);
}