Thread: C help
View Single Post
Old 05-09-07, 12:37 PM   #5
Nerd, Geek, Freak
wnd's Avatar
Join Date: Sep 2005
Location: Finland
Posts: 703
Default Re: C help

Originally Posted by evilghost
This is what I ended up with, thanks again for your help, feel free to make any additional comments
Just some minor things. I tend to be a little picky about (C-)code.

- There is no reason for FILE *fout to be global. It's sufficient to have it only inside main-function.

- Having an assignment, a function call, and a comparision in a single "if (foo)" is very C-ish. However in my opinnion this feature is often abused since complex statements easily become difficult to read.
fout = fopen("foo", "a+");
if (fout == NULL) {
        fprintf(stderr, "oops\n");
        return EXIT_FAILURE;
/* Code continues outside if-block. That's where we want to go. */
- You can compare return value of fopen against NULL.

- It is perfectly safe (as far as printf can be) to have just fprintf(stderr, "Error while...\n");. When I said user input, I meant input from "unregulated" source such as command prompt, file, network, or such. A static string in source code is not user input. :-)

- Similary to EXIT_FAILURE, most stdlib.hs come with EXIT_SUCCESS.

- Since the executable is suid, I'd be extra careful to make sure target file is exactly what it's supposed to be (note that I don't know if uid/gid is set to something specific so that part may not apply):
#include <sys/types.h>
#include <sys/stat.h>
#include <uninstd.h>

struct stat s;
int r;

r = lstat(file, &s);
if (r != 0) {
if (! (S_ISREG(s.st_mode) && s.st_uid == OWNER_UID
                        && s.st_gid == OWNER_GID)) {
/* good to go */
web | cat

Christianity, noun: The belief that a cosmic Jewish Zombie who was his own father can make you live forever if you symbolically eat his flesh and telepathically tell him you accept him as your master, so he can remove an evil force from your soul that is present in humanity because a rib-woman was convinced by a talking snake to eat from a magical tree. [mad.frog]
wnd is offline   Reply With Quote