This forum is provided to promote discussion amongst students enrolled in CITS3007 Secure Coding. If posting a question, it's suggested you check first whether your question is answered in the unit Frequently Asked Questions (FAQ) list, and use the search box (on the right) to see if an answer to your question has already been posted.

 UWA week 21 (1st semester, week 12) ↓
Hi Arran, I wanted to check whether a string from user input is null terminated before passing it to strlen or another operation which could cause undefined behaviour, but I couldn't find a way to check this. Based on my understanding, to check for a null terminator, I would need to know the length of the string and then check whether the last character of the string is a null terminator. I have read that the sizeof operator operates at compile time, so this could not work on a string that a user passes. If I tried to find the string length using a loop, that would also rely on the null terminator at the end. I don't know any other operators/functions that could find out the length of a string. In this case, how could I make sure a user-entered string is null terminated?


Hi,

In C, the only way you can check if a string is null-terminated is if you know the size of the array that it's in. If you know the array is, say, N elements long, you can just write a loop:

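  /* needs <stdbool.h> and <stddef.h>; arr is an array of exactly N chars */
  bool is_null_terminated = false;
  for (size_t i = 0; i < N; i++) {
    if (arr[i] == '\0') {
      is_null_terminated = true;
      break;  /* first terminator found; no need to scan further */
    }
  }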

If you don't know the size of the array it's in, then any element access you make might turn out to be undefined behaviour.

But luckily, we never actually get strings from a user directly (whatever that would mean) - we get them from the operating system. If we're in main(), for instance, we are guaranteed that:

  • argc is non-negative, and correctly represents the number of arguments passed to our program from the environment it's run in
  • argv is an array of char*, of length argc+1. The last element in the array is a null pointer; all the others are valid, null-terminated C strings.

If you like, those facts are preconditions of main being called at all. It's impossible to validate them; but that's fine, because a function is responsible for producing a sensible result only if its preconditions are true.

This is why, back in lecture 2, I mentioned that there are two "imaginary" types that a char * could correspond to, and which might get passed around a program, and which it's the programmer's responsibility to keep track of:

a. a valid string that is null-terminated
b. a (char*, size_t) pair, that represents an array of known size.

If you are ever given a char*, without a guarantee that it's one of (a) or (b), there's simply nothing you can safely do with it.

This is why fgets() is dangerous - its prototype is

  char *fgets(char *p);

The implementer of fgets doesn't know the size of the array p points to, and can't be sure it's null-terminated (in fact, it probably isn't). So there is literally no operation they can safely perform on p.

Does that make sense?

cheers

Arran

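Added example, not part of the posts above: one way to turn a (char*, size_t) pair into a known null-terminated string without ever reading past the array. The helper names bounded_strlen and copy_checked and the sample buffers are hypothetical, constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Case (b): a (char*, size_t) pair. Returns true and stores the string
 * length in *len if a '\0' occurs within the first n bytes of buf.
 * Never reads past buf[n-1]. */
static bool bounded_strlen(const char *buf, size_t n, size_t *len)
{
    if (buf == NULL || n == 0)
        return false;
    const char *nul = memchr(buf, '\0', n);
    if (nul == NULL)
        return false;               /* no terminator inside the array */
    *len = (size_t)(nul - buf);
    return true;
}

/* Promote case (b) to case (a): copy src into dst only if src is
 * terminated within src_size and fits in dst, terminator included. */
static bool copy_checked(char *dst, size_t dst_size,
                         const char *src, size_t src_size)
{
    size_t len;
    if (dst == NULL || !bounded_strlen(src, src_size, &len) || len >= dst_size)
        return false;
    memcpy(dst, src, len + 1);      /* len + 1 also copies the '\0' */
    return true;
}

/* Constructed sample: every byte of field is non-zero, so the array
 * holds no terminator and strlen(field) would be undefined behaviour. */
static bool demo_unterminated(void)
{
    char field[8];
    size_t len;
    memset(field, 'A', sizeof field);
    return bounded_strlen(field, sizeof field, &len);
}

int main(void)
{
    char raw[8] = "abc", out[4];
    printf("unterminated accepted: %d\n", demo_unterminated());
    printf("copy ok: %d\n", copy_checked(out, sizeof out, raw, sizeof raw));
    return 0;
}
```

After copy_checked returns true, dst can be passed to strlen and similar functions; when it returns false, dst is left untouched.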


Thank you Arran, I understand now

The University of Western Australia

Computer Science and Software Engineering

Last modified  8:08AM Aug 25 2024