C programming-Challenge #1

+2 Sagar Bhandari · December 16, 2014
Hey guys! This is my first post here!
Following code works well!

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main()
{
   int upper=0;
    int lower=0;
    int number=0;
    int wild=0;
    int chuck=0;
    char password[16];
    printf("Please create a password  \n");
    printf("Your password must be less than 16 characters\n");
    scanf("%s",password);
    int check=(strlen(password));
    printf("Processing...\n\n");
    for(chuck=0; chuck<=(check-1); chuck++)
        {
        if(isupper(password[chuck])){
        ++upper;
        continue;
        }
        if(islower(password[chuck])){
            ++lower;
            continue;
        }

        if(isdigit(password[chuck])){
        ++number;
        continue;
        }else{++wild;
        continue;}
        }
        printf("%d Uppercase letter\n",upper);
         printf("%d Lowercase letter\n",lower);
          printf("%d Number\n",number);
           printf("%d Wildcard character\n",wild);

           if(upper>=1 && lower>=1 && number>=1 && wild>=1){
            printf("Congratulations! Your password is valid\n");
           }else{
               printf("Sorry! Your password is weak!\n");
           }

        if(upper==0){
                printf("\nYour password doesn't have a UPPERCASE letter\n");
        }
        if(lower==0){
                printf("\nYour password doesn't have a lowercase letter\n");
        }
        if(number==0){
                printf("\nYour password doesn't have a digit\n");
        }
        if(wild==0){
                printf("\nYour password doesn't have a wildcard character\n");
        }


    return 0;
}

Post a Reply

Replies

Oldest  Newest  Rating
0 Sagar Bhandari · December 20, 2014
O_o
0 Sagar Bhandari · December 20, 2014
I don't get what you're trying to show me!
Try it now!! :-P

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main()
{
   int upper=0;
    int lower=0;
    int number=0;
    int wild=0;
    int chuck=0;
    char password[16];
    printf("Please create a password  \n");
    printf("Your password must be less than 16 characters\n");
    scanf("%s",password);
    int check=(strlen(password));
    if(check<=16){
    printf("Processing...\n\n");
    for(chuck=0; chuck<=(check-1); chuck++)
        {
        if(isupper(password[chuck])){
        ++upper;
        continue;
        }
        if(islower(password[chuck])){
            ++lower;
            continue;
        }

        if(isdigit(password[chuck])){
        ++number;
        continue;
        }else{++wild;
        continue;}
        }
        printf("%d Uppercase letter\n",upper);
         printf("%d Lowercase letter\n",lower);
          printf("%d Number\n",number);
           printf("%d Wildcard character\n",wild);

           if(upper>=1 && lower>=1 && number>=1 && wild>=1){
            printf("Congratulations! Your password is valid\n");
           }else{
               printf("Sorry! Your password is weak!\n");
           }

        if(upper==0){
                printf("\nYour password doesn't have a UPPERCASE letter\n");
        }
        if(lower==0){
                printf("\nYour password doesn't have a lowercase letter\n");
        }
        if(number==0){
                printf("\nYour password doesn't have a digit\n");
        }
        if(wild==0){
                printf("\nYour password doesn't have a wildcard character\n");
        }

    }else{
    printf("Your password is more than 16 characters!! Try again\n");
    }
    return 0;
}
0 c student · December 20, 2014
/images/forum/upload/2014-12-20/ca1e73594c42d412ea3639898eabaaab.png

what happened?
when you called scanf(), you allowed a user to enter an input with a variable length.  if someone types in a length with more than the memory allocated for it, it will overflow (like overflowing water in a cup) and start writing into other parts in memory such as other variables and even other stack frames.  once this happens, the affected memory will be compromised and can be overwritten, causing damage to other programs or whatever was relying on it.  it's good that you have updated a check for this, however, i am still able to reach into memory beyond your program.  maybe you should do more than print a message?

why you should worry?
if a malicious user were to inject code into the compromised stack to retrieve information, it could prove to be a major security issue allowing potential access to private data such as private keys, passwords, confidential information, etc...  certainly something you would not want to happen.  although this is a small-time program, it's still poor practice to allow this to be ignored and if you do happen to get into programming in the big world, security is most important.

it's ramifications? 
real world example: heartbleed bug.

practice makes (an approach towards but will never be) perfect.  stay skeptical :ermm:
0 c student · December 17, 2014
/images/forum/upload/2014-12-17/2018efdb82e304a55774d8a0f240fe94.png
0 Sagar Bhandari · December 22, 2014
Holy Crap! I'm a complete newb to C but thank you for pointing out the problem! :-D 
  • 1

C

107,307 followers
About

One of the most popular languages of all time.

Links
Moderators
Bucky Roberts Administrator