Wireshark-dev: Re: [Wireshark-dev] [Wireshark-commits] rev 25171:/trunk/epan/dissectors/ /trunk
From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Date: Mon, 28 Apr 2008 14:09:27 -0400

Oy, apparently it was a rough week for me last week. (Good thing I wasn't coding.)

After a good weekend of suffocating on (latex) paint fumes (spring _was_ here but then it left), my brain is working much more good now. <sigh>

Thanks for your patience.  :-)

Maynard, Chris wrote:
Does this help – in particular the read_from_network() function and comments I added?

- Chris

#include <stdio.h>

#include <stdlib.h>

typedef unsigned short uid_t;

static void dowork(uid_t u);

static int read_from_network(void);

int main(int argc, char **argv)

{

    int x;

    x  = read_from_network();

    /* Squish root (it's not safe to execute dowork() with uid(0) */

    if ( x == 0 )

    {

        printf("Uid %u not allowed.\n", x);

        exit(1);

    }

    dowork(x);

    return (0);

} /* main() */

static void dowork(uid_t u)

{

    printf("Doing work as uid %u.\n", u);

} /* dowork() */

static int read_from_network(void)

{

    /* I'm a sneaky guy and exploited the fact that the return value

     * is an int, although I know only the lower 16 bits will be used.

     * This is how I can end up "doing work" as root. */

    return (0xffff0000);

} /* read_from_network() */

------------------------------------------------------------------------

*From:* wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] *On Behalf Of *Jeff Morriss
*Sent:* Friday, April 25, 2008 9:34 PM
*To:* Developer support list for Wireshark
*Subject:* Re: [Wireshark-dev] [Wireshark-commits] rev 25171:/trunk/epan/dissectors/ /trunk/epan/dissectors/: packet-umts_fp.c

On Fri, Apr 25, 2008 at 7:49 PM, Luis EG Ontanon <luis@xxxxxxxxxxx <mailto:luis@xxxxxxxxxxx>> wrote:

On Fri, Apr 25, 2008 at 10:17 PM, Jeff Morriss
<jeff.morriss.ws <http://jeff.morriss.ws>@gmail.com <http://gmail.com>> wrote:

  Guy Harris wrote:
> http://www.cs.berkeley.edu/~wychen/cs261/proposal.htm
<http://www.cs.berkeley.edu/%7Ewychen/cs261/proposal.htm>

  If Figure 1 is really a problem then my understanding of C just went out
  the window...


I wouldn't have got this by myself without the explanation  but if you
read the code as:

typedef unsigned short uid_t;

void dowork(uid_t u);
int main() {
   int x = read_from_network();
   // Squish root (it's not safe to   execute dowork() with uid 0)
   if ( (x & 0x0000ffff) == 0) exit(1);
   //       ^^^^^^^^^^^^^
   dowork(x);
}

you would have noticed the issue.


I get what he's saying but I just don't get it: why would the compiler convert from int to unsigned short *before* it has to send the value into the call to dowork()? E.g., 'x' should be an int until I (explicitly or implicitly) cast it to something else, non? Actually it should still be an int after the call to dowork(); it just won't be an int when dowork() gets it.


Maybe I need to go back to school because I'm feeling very noobish right now.


------------------------------------------------------------------------

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev