我目前正在研究基於C語言的日誌解析器(製作基於原始bash的日誌解析器的C版本),我想知道應該如何防止緩衝區溢出,如果輸入有誤,很可能只是在內存不足時自動停止程序的一種方式,我也提供了下面的代碼,謝謝!如何實現某種機制來防止緩衝區溢出
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define _GNU_SOURCE
void main(int argc, char *argv[], char *envp[])
{
FILE *fd;
char *name;
name = getenv("MCEXEC_PLAYERNAME");
char *filename;
filename = malloc(sizeof "/home/minecraft/freedonia/playerdata/deathlog-.txt" - 1 + strlen(name) + 1);
if (!filename) exit(EXIT_FAILURE);
sprintf(filename,"/home/minecraft/freedonia/playerdata/deathlog-%s.txt",name);
char buff[1024];
if ((fd = fopen(filename, "r")) != NULL)
{
fseek(fd, 0, SEEK_SET);
while(!feof(fd))
{
memset(buff, 0x00, 1024);
fscanf(fd, "%[^\n]\n", buff);
}
printf("%s\n", buff);
}
else
printf("fail");
}
下面這段代碼是實現fgets和scanf的一種嘗試,但是當我運行它,它只是坐在那裏不顯示任何輸出
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define _GNU_SOURCE
void main(int argc, char *argv[], char *envp[])
{
FILE *fd;
char *name;
name = getenv("MCEXEC_PLAYERNAME");
char *filename;
filename = malloc(sizeof "/home/minecraft/freedonia/playerdata/deathlog-.txt" - 1 + strlen(name) + 1);
if (!filename) exit(EXIT_FAILURE);
sprintf(filename,"/home/minecraft/freedonia/playerdata/deathlog-%s.txt",name);
char *buff;
buff = malloc(1024);
char *finbuff;
finbuff = malloc(1024);
if ((fd = fopen(filename, "r")) != NULL)
{
fseek(fd, 0, SEEK_SET);
while(!feof(fd))
{
memset(buff, 0x00, 1024);
memset(finbuff, 0x00, 1024);
// fscanf(fd, "%[^\n]\n", buff);
fgets(buff, 1024, fd);
scanf(buff, "%[^\n]\n", finbuff);
}
printf("%s\n", finbuff);
}
else
printf("fail");
}
程序中還有另一個緩衝區溢出。如果環境變量'MCEXEC_PLAYERNAME'足夠長,'filename'的計算緩衝區大小將環繞,並且分配的方式太少。 –
IIRC你需要''#define _GNU_SOURCE' * * *''include'標題之前,因爲他們檢查是否定義了_GNU_SOURCE。 – fuz