1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
/* taken from https://cwe.mitre.org/data/definitions/467.html and slightly modified */
/* Ignore CWE-259 (hard-coded password) and CWE-309 (use of password system for authentication) for this example. */
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#define AUTH_SUCCESS 1
#define AUTH_FAIL 0
char *username = "admin";
char *pass = "password";
int AuthenticateUser(char *inUser, char *inPass) {
printf("Sizeof username = %d\n", sizeof(username));
printf("Sizeof pass = %d\n", sizeof(pass));
if (strncmp(username, inUser, sizeof(username))) {
printf("Auth failure of username using sizeof\n");
return AUTH_FAIL;
}
/* Because of CWE-467, the sizeof returns 4 on many platforms and architectures. */
if (! strncmp(pass, inPass, sizeof(pass))) {
printf("Auth success of password using sizeof\n");
return AUTH_SUCCESS;
}
else {
printf("Auth fail of password using sizeof\n");
return AUTH_FAIL;
}
}
int main (int argc, char **argv) {
int authResult;
if (argc < 3) {
printf("Usage: Provide a username and password\n");
exit(1);
}
authResult = AuthenticateUser(argv[1], argv[2]);
if (authResult != AUTH_SUCCESS) {
printf("Authentication failed\n");
exit(1);
}
else {
printf("Authenticated\n");
exit(0);
}
}