好吧,我正在对缓冲区溢出进行一些研究。我有一个C程序,容易受到我试图转换为java的变量攻击的影响。有人认为他们可以帮助我吗?到目前为止,我仍然无法获得Java代码进行编译。JAVA中的缓冲区溢出
C代码
#include <stdio.h>
#include <string.h>
/*
A routine that checks whether the password is correct or not
Standard library call "gets()" does not check for buffer overflow
*/
int checkPassword(){
char passwordFlag = 'F';
char inputPwd[10];
memset(inputPwd, 0, 10);
gets(inputPwd);
if (!strcmp(inputPwd, "goodpass")){
passwordFlag = 'T';
}
if (passwordFlag == 'T'){
return 1;
}
else{
return 0;
}
}
int main()
{
printf("Please enter a password\n");
if (checkPassword() == 1)
{
printf("Successful\n");
return 0;
}
else{
printf("Access Denied.\n");
return -1;
}
}
的Java代码(不是当前编译)
import java.io.*;
class Numbers {
public static void main(String[] args) {
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
System.out.println("Please enter a password");
if (checkPassword() == 1)
{
System.out.println("Successful");
System.exit(1); //you wouldn't exit here but its not like i'm doing anything important
}
else{
System.out.println("Access Denied.");
System.exit(1);
}
}
public static Integer checkPassword(){
char passwordFlag = 'F';
char inputPwd[10];
memset(inputPwd, 0, 10);
gets(inputPwd);
if (!strcmp(inputPwd, "goodpass")){
passwordFlag = 'T';
}
if (passwordFlag == 'T'){
return 1;
}
else{
return 0;
}
}
}
在Java中,memset的,获取并STRCMP是不确定的。 – Alanmars 2012-02-27 03:13:00
关于你的Java代码有很多很多东西,它们不是Java。 – 2012-02-27 03:14:00
不要只取C库函数名称并在Java中使用它们。你需要学习Java方法来完成这些任务。 – Nayuki 2012-02-27 03:20:04