aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbloodstalker <thabogre@gmail.com>2017-03-13 10:47:53 +0000
committerbloodstalker <thabogre@gmail.com>2017-03-13 10:47:53 +0000
commit5a684004adffb20dfacfb5c436f756764b5170f1 (patch)
tree19e0d952777b03daf37831eb466cf1dd2678a3e9
parentadded a ctags target (diff)
downloadmutator-5a684004adffb20dfacfb5c436f756764b5170f1.tar.gz
mutator-5a684004adffb20dfacfb5c436f756764b5170f1.zip
trying to fix the tainted string issue
-rw-r--r--daemon/daemon_aux.c43
-rw-r--r--daemon/daemon_aux.h6
-rw-r--r--daemon/mutatorserver.c13
3 files changed, 57 insertions, 5 deletions
diff --git a/daemon/daemon_aux.c b/daemon/daemon_aux.c
index 4f93aec..ce47f37 100644
--- a/daemon/daemon_aux.c
+++ b/daemon/daemon_aux.c
@@ -33,6 +33,33 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.*
#include <arpa/inet.h>
#include <unistd.h>
/**********************************************************************************************************************/
+bool cleanser(char cleansee[])
+{
+ bool nullterminated = false;
+ bool cleansee_health = true;
+
+ for (int i = 0; i < 2000; ++i)
+ {
+ if (cleansee[i] == '\0')
+ {
+ nullterminated = true;
+ break;
+ }
+
+ if (cleansee[i] == '|')
+ {
+ cleansee_health = false;
+ }
+
+ if (cleansee[i] == ';')
+ {
+ cleansee_health = false;
+ }
+ }
+
+ return (cleansee_health && nullterminated);
+}
+/**********************************************************************************************************************/
int mutator_server(FILE* log_file)
{
int socket_desc, client_sock, socketlength, read_size;
@@ -42,6 +69,7 @@ int mutator_server(FILE* log_file)
FILE* clientistream;
char runresponse[4000];
char NOOUT[]="command did not return any output. could be an error or not.\n";
+ char BADOUT[]="what are you exactly trying to do?";
/*create socket*/
socket_desc = socket(AF_INET, SOCK_STREAM, 0);
@@ -90,10 +118,19 @@ int mutator_server(FILE* log_file)
{
fflush(stdin);
- fprintf(log_file, "%s","got command from client.\n");
+ fprintf(log_file, "%s", "got command from client.\n");
- /*open pipe, run command*/
- clientistream = popen(client_message, "r");
+ if (cleanser(client_message) == true)
+ {
+ /*open pipe, run command*/
+ clientistream = popen(client_message, "r");
+ }
+ else
+ {
+ fprintf(log_file, "%s", "what are you trying to do exactly?");
+ write(client_sock, BADOUT, strlen(BADOUT));
+ continue;
+ }
if (clientistream == NULL)
{
diff --git a/daemon/daemon_aux.h b/daemon/daemon_aux.h
index 04a504d..e0b1954 100644
--- a/daemon/daemon_aux.h
+++ b/daemon/daemon_aux.h
@@ -24,7 +24,13 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.*
/*headers*/
#include <stdio.h>
/**********************************************************************************************************************/
+typedef int bool;
+#define true 1
+#define false 0
+/**********************************************************************************************************************/
/*function prototypes*/
+bool cleanser(char cleansee[]);
+
int mutator_server(FILE* log_file);
#endif
diff --git a/daemon/mutatorserver.c b/daemon/mutatorserver.c
index 5965a69..4450583 100644
--- a/daemon/mutatorserver.c
+++ b/daemon/mutatorserver.c
@@ -26,6 +26,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.*
/**********************************************************************************************************************/
/*inclusion directive*/
#include "mutatorserver.h"
+#include "daemon_aux.h"
/*standard headers*/
#include <stdio.h>
#include <stdlib.h>
@@ -91,8 +92,16 @@ int main (int argc, char *argv[])
puts("got command from client.");
- /*open pipe, run command*/
- clientistream = popen(client_message, "r");
+ if (cleanser(client_message))
+ {
+ /*open pipe, run command*/
+ clientistream = popen(client_message, "r");
+ }
+ else
+ {
+ puts("what are you trying to do exactly?");
+ continue;
+ }
if (clientistream == NULL)
{