It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 9 years ago.
I want to write a function in which when you tap "esc" the the window should close, the thing is that the function should be written in c.
I'am new to the c programming any help pls.
Well, for Windows:
GetActiveWindow or GetFocus to retrieve the window that is focused on.
GetASyncKeyState to capture the escape button.
SendMessage to close the respective window.
If you want something fancier than GetASyncKeyState(which is not reliable and expensive to the processor in an infinite loop) you can do something relatively difficult at first sight: global keyboard hooks in c
void myfunc(){
char ch;
do{
//do what you want here
ch=getchar();
}while(ch!='27'); //27 is the ascii code for esc
}
There is no standard way to react immediately to input in C - the ESC key is no different from the letter 'A' or 'x' in this respect - the input is not given to the program until the user hits Enter. Sometimes, a further complication is that ESC is used for special purposes, for example a Windows command-line application uses ESC for "erase whatever I've typed so far", which makes it impossible to read even with "ESC + Enter".
So, you need to use system specific functions that can read "raw" data from the keyboard, rather than the usual "cooked" data that you get using the standard I/O functions (e.g. getchar()).
There are OS-independent options, such as ncurses that supply this for console applications.
In windows, you may be able to use getch() after including conio.h, but this is a non-standard library, and it only works in a console application.
In a windowed environment it's a case of responding to a keyboard event, and "if key == ESCAPE close_window" - exactly how you do that depends on the windowing system and framework used.
Related
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
AFAIK, a buffer overflow is achieved by overwriting memory adjacent to a C variable's buffer. This overwriting is used to spawn a shell which executes commands.
But what if the user that is running the program vulnerable to a buffer overflow has the shell disabled ?
/etc/passwd:
user1:x:1000:1000:user1,,,,:/home/user1:/bin/false
sudo -u user1 /usr/bin/programname
"Shell disabled" only matters if you're actually logging in. If you're exploiting an already running program then you don't need to log in.
Exploits do not use a shell which is configured for a user — they normally include a binary code, shellcode, which are functionally equivalent to a primitive shell, meaning that it will start any chosen executable — for example a real shell program. Exploited program is then tricked to execute this code.
There are many different shellcodes available on the net, for example which do not include a byte '\0', so they will be passed unharmed as a C string, or which only include printable characters, valid unicode strings etc.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
I was solving a practice problem on a site which states that
The purpose of this problem is to verify whether the method you are
using to read input data is sufficiently fast to handle problems
branded with the enormous Input/Output warning. You are expected to be
able to process at least 2.5MB of input data per second at runtime.
Also how do I optimize input/output routines other than printf and scanf?
It is operating system specific (because the C standard only knows about <stdio.h>). With Linux consider using low-level syscalls for efficiency, like open(2), mmap(2), read(2), pread(2), write(2). You might also want to use readahead(2). Don't forget to make I/O in rather large blocks (e.g. 128Kbytes), page aligned if possible. Read the Advanced Linux Programming book.
If restricted to standard C99 functions, use fread(3) on rather big chunks. Consider also increasing the internal buffer with setvbuf(3)
And 2.5Mbyte/sec is not very impressive. Probably, the bottleneck is the hardware, but you should be able to get perhaps 20 or 50Mbytes/sec on a standard desktop hardware. Using SSD would help a big lot.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
What are the security breaches possible ? or any attacks?
Which argument of the printf function?
printf("%s\n", untrusted_string); is mostly OK, although if output is going to a terminal, and if the terminal responds to control codes, then it potentially could mess up the terminal settings beyond all recognition.
Obviously it also gets interesting when the output of your program is going to be used as executable code. It may not always be obvious to you that it is. For example, suppose you write a program that scans your web server logs and produces an HTML report listing all the URLs visited. Suppose further that I visit http://example/<script>...</script>. I get an error message, but the URL is still logged. If you've printed the input without modification, then you might be in for an educational evening when you review your report files. The user input needs to be sanitized somewhere along the line.
Echoing data that the user has supplied, back the same user, is somewhat safer. However, again in a web context, XSRF attacks are a common technique -- you might think that your users wrote the input themselves, when really they didn't, and so actually you're echoing some attacker's data back to the user. The same could apply even in command-line programs -- if the user supplies a file as a command-line argument, but the file (like my server log above) was written by an attacker, then printing parts of that file back to the user potentially has consequences the user never intended.
None of which is necessarily a reason not to do it. As ever in security, you can't say whether a particular action "is" or "isn't" secure, because it depends on the context in which that action occurs.
printf(untrusted_string); is definitely no good, since the string supplied might be "%s", with undefined behavior. You might think to yourself, "oh, well, it only reads where it shouldn't, what harm can that possibly do?" In which case you will eventually join the long list of people who've been surprised at the ingenuity which attackers show in combining multiple bugs to create a workable attack. Reading where you shouldn't clearly can lead to DoS, but also in combination with other issues could leak sensitive information.
A buffer overflow attack. See http://en.wikipedia.org/wiki/Buffer_overflow
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
Hi I'm on my internship and my company told me that I've to implement password complexity using C language. The password must be Alpha numeric (eg h#ll0). Since I'm new to C , I found some difficulty. I google "password complexity in C " but no luck there. Can someone gave me some sample or explain me how to do it programmatically.
Thanks a lot in advance
Kevin
A better Google term would be "strong password":
http://en.wikipedia.org/wiki/Password_strength
But most of the articles you will find will not be for the C language, and they will probably suggest using a regular expression.
It would probably not be too hard to write your own low-level code to do the check as others have suggested. That would save you the trouble of generating a dependency on some C-language regular expression library to use. However, there is an advantage in using a regular expression because it means that non-C programmers would have a better chance at updating the rule at a later date, and it may make errors less likely to boot. It depends on your particular situation.
(Also, if other parts of your C code need regular expressions, then linking one in might be something you're going to need to do anyway and you'd get it "for free"...)
In any case, this StackOverflow question has a link to a regex.h tutorial, and more may be added to it in the future:
C - pellucid regex.h use tutorial
You don't provide enough information. By password complexity I assume you mean password strength.
I'm not in the business of writing code for someone, but if what you're looking to do is determine whether or not a password contains both a letter and a number, is at least n characters long, etc., C has functions you can do this with. isalnum(), isdigit(), and isalpha() come to mind for testing. These all return nonzero values to indicate true.
In terms of speed, C is fast on its own but remember with these that there is no need to parse the entire password -- all you need is for the function to return a nonzero value at some point. (All of these functions parse by character; C strings are char arrays.)
http://icecube.wisc.edu/~dglo/c_class/charfunc.html This is a good little reference for character parsing functions.
It depends on how the password is encoded, you may need an ASCII character chart or a unicode character chart. For each character in the input password, categorize it into groups number, uppercase letter, lowercase letter or special characters and so on.
here are the links to the tables:
http://www.asciitable.com/
http://www.tamasoft.co.jp/en/general-info/unicode.html
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
I have to make a multiplayer game and give the users(on different) an option to change their screen resolution in order to sustain their hardware requirements.Similar to counterstrike.
How can I implement this in c ? how can I give the users sitting on different computers an option to change their screen resolution ?
There is no standard method in the C language or standard library, and this is entirely dependent on the graphics library you're writing the program in.
If you want a really simple way to do this, you can use xrandr and system():
#include <stdlib.h>
system("xrandr > resolutions.tmp"); // direct output to 'resolutions.tmp'
// retrieve possible resolutions from 'resolutions.tmp'
system("xrandr -s resolution_id"); // select a certain screen resolution
Edit: as you've mentioned you're using OpenGL on Ubuntu, you can follow some of the steps in the following article to change the resolution using library calls:
http://www.opengl.org/wiki/Programming_OpenGL_in_Linux:_Changing_the_Screen_Resolution
http://www.opengl.org/wiki/Programming_OpenGL_in_Linux:_Changing_the_Screen_Resolution worked for me. At the bottom you have command to compile, use it but add -std=c99. Keywords for google (no offense, I would appreciate them): opengl screen resolution
You will definitely use a library which handles the os-specific details for you. This library would be responsible for finding out which combinations fo screen resolution, colour depth and various buffers are available, and then you can choose one, or give the user the option to choose one.
For example, GLFW does this by way of its glfwGetVideoModes function.
The underlying code to do this is both platform-specific, and ugly. You want to spend some time writing your game not messing with it.