- 784
- 4
- 9
You are using strncat() the wrong way. It is a very treacherous function. I have no clue why it was done that way, but you probably won't even believe what I tell you here:
The size is NOT the total size of the string, but the space left!
From the manual page:
If
srccontainsnor more bytes,strncat()writesn+1bytes todest(nfromsrcplus the terminating null byte). Therefore, the size ofdestmust be at leaststrlen(dest)+n+1.
If you are to deal with many strings and do copies, concatenate, etc. I would suggest you create a small structure representing a string and functions that handle your strings. That allows you to put all the copy code in one place and avoid potential problems littering your entire program.
In the following test, you use strncmp():
int comparison = strncmp(password, row[0], strlen(password));
If the length of password is shorter than the length of row[0], then your comparison is wrong. Assuming your password are a SHA512 (it should at least use that encryption) then all encrypted passwords would have the same size. However, I do not see any encryption of the password, so I would imagine that the length can change. You should have:
int comparison = strcmp(password, row[0]);
Assuming that the string in row[0] is NUL terminated.
Side note about vnp statement "sizeof(char) is 1" is wrong. Some processor have a(削除) Side note about vnp statement " — sizeof(char) is 1" is wrong. Some processor have a sizeof(char) of 2. Not very many and for sure not the main Desktop computers, but you cannot expect that size of always be 1. (削除ここまで)sizeof(char) of 2. Not very many and for sure not the main Desktop computers, but you cannot expect that size of always be 1.see comments below
That being said, yourYour math is wrong:
char *querystring = malloc(strlen(query1) + strlen(username) + strlen(query2) * sizeof(char));
Here you say:
a + b + c ×ばつ d
What you meant is:
(a + b + c) ×ばつ d
Since d is 1 you do not see any difference, of course...
You are using strncat() the wrong way. It is a very treacherous function. I have no clue why it was done that way, but you probably won't even believe what I tell you here:
The size is NOT the total size of the string, but the space left!
From the manual page:
If
srccontainsnor more bytes,strncat()writesn+1bytes todest(nfromsrcplus the terminating null byte). Therefore, the size ofdestmust be at leaststrlen(dest)+n+1.
If you are to deal with many strings and do copies, concatenate, etc. I would suggest you create a small structure representing a string and functions that handle your strings. That allows you to put all the copy code in one place and avoid potential problems littering your entire program.
In the following test, you use strncmp():
int comparison = strncmp(password, row[0], strlen(password));
If the length of password is shorter than the length of row[0], then your comparison is wrong. Assuming your password are a SHA512 (it should at least use that encryption) then all encrypted passwords would have the same size. However, I do not see any encryption of the password, so I would imagine that the length can change. You should have:
int comparison = strcmp(password, row[0]);
Assuming that the string in row[0] is NUL terminated.
Side note about vnp statement "sizeof(char) is 1" is wrong. Some processor have a sizeof(char) of 2. Not very many and for sure not the main Desktop computers, but you cannot expect that size of always be 1.
That being said, your math is wrong:
char *querystring = malloc(strlen(query1) + strlen(username) + strlen(query2) * sizeof(char));
Here you say:
a + b + c ×ばつ d
What you meant is:
(a + b + c) ×ばつ d
Since d is 1 you do not see any difference, of course...
You are using strncat() the wrong way. It is a very treacherous function. I have no clue why it was done that way, but you probably won't even believe what I tell you here:
The size is NOT the total size of the string, but the space left!
From the manual page:
If
srccontainsnor more bytes,strncat()writesn+1bytes todest(nfromsrcplus the terminating null byte). Therefore, the size ofdestmust be at leaststrlen(dest)+n+1.
If you are to deal with many strings and do copies, concatenate, etc. I would suggest you create a small structure representing a string and functions that handle your strings. That allows you to put all the copy code in one place and avoid potential problems littering your entire program.
In the following test, you use strncmp():
int comparison = strncmp(password, row[0], strlen(password));
If the length of password is shorter than the length of row[0], then your comparison is wrong. Assuming your password are a SHA512 (it should at least use that encryption) then all encrypted passwords would have the same size. However, I do not see any encryption of the password, so I would imagine that the length can change. You should have:
int comparison = strcmp(password, row[0]);
Assuming that the string in row[0] is NUL terminated.
(削除) Side note about vnp statement " — see comments belowsizeof(char) is 1" is wrong. Some processor have a sizeof(char) of 2. Not very many and for sure not the main Desktop computers, but you cannot expect that size of always be 1. (削除ここまで)
Your math is wrong:
char *querystring = malloc(strlen(query1) + strlen(username) + strlen(query2) * sizeof(char));
Here you say:
a + b + c ×ばつ d
What you meant is:
(a + b + c) ×ばつ d
Since d is 1 you do not see any difference, of course...
- 784
- 4
- 9
You are using strncat() the wrong way. It is a very treacherous function. I have no clue why it was done that way, but you probably won't even believe what I tell you here:
The size is NOT the total size of the string, but the space left!
From the manual page:
If
srccontainsnor more bytes,strncat()writesn+1bytes todest(nfromsrcplus the terminating null byte). Therefore, the size ofdestmust be at leaststrlen(dest)+n+1.
If you are to deal with many strings and do copies, concatenate, etc. I would suggest you create a small structure representing a string and functions that handle your strings. That allows you to put all the copy code in one place and avoid potential problems littering your entire program.
In the following test, you use strncmp():
int comparison = strncmp(password, row[0], strlen(password));
If the length of password is shorter than the length of row[0], then your comparison is wrong. Assuming your password are a SHA512 (it should at least use that encryption) then all encrypted passwords would have the same size. However, I do not see any encryption of the password, so I would imagine that the length can change. You should have:
int comparison = strcmp(password, row[0]);
Assuming that the string in row[0] is NUL terminated.
Side note about vnp statement "sizeof(char) is 1" is wrong. Some processor have a sizeof(char) of 2. Not very many and for sure not the main Desktop computers, but you cannot expect that size of always be 1.
That being said, your math is wrong:
char *querystring = malloc(strlen(query1) + strlen(username) + strlen(query2) * sizeof(char));
Here you say:
a + b + c ×ばつ d
What you meant is:
(a + b + c) ×ばつ d
Since d is 1 you do not see any difference, of course...
You are using strncat() the wrong way. It is a very treacherous function. I have no clue why it was done that way, but you probably won't even believe what I tell you here:
The size is NOT the total size of the string, but the space left!
From the manual page:
If
srccontainsnor more bytes,strncat()writesn+1bytes todest(nfromsrcplus the terminating null byte). Therefore, the size ofdestmust be at leaststrlen(dest)+n+1.
If you are to deal with many strings and do copies, concatenate, etc. I would suggest you create a small structure representing a string and functions that handle your strings. That allows you to put all the copy code in one place and avoid potential problems littering your entire program.
Side note about vnp statement "sizeof(char) is 1" is wrong. Some processor have a sizeof(char) of 2. Not very many and for sure not the main Desktop computers, but you cannot expect that size of always be 1.
That being said, your math is wrong:
char *querystring = malloc(strlen(query1) + strlen(username) + strlen(query2) * sizeof(char));
Here you say:
a + b + c ×ばつ d
What you meant is:
(a + b + c) ×ばつ d
Since d is 1 you do not see any difference, of course...
You are using strncat() the wrong way. It is a very treacherous function. I have no clue why it was done that way, but you probably won't even believe what I tell you here:
The size is NOT the total size of the string, but the space left!
From the manual page:
If
srccontainsnor more bytes,strncat()writesn+1bytes todest(nfromsrcplus the terminating null byte). Therefore, the size ofdestmust be at leaststrlen(dest)+n+1.
If you are to deal with many strings and do copies, concatenate, etc. I would suggest you create a small structure representing a string and functions that handle your strings. That allows you to put all the copy code in one place and avoid potential problems littering your entire program.
In the following test, you use strncmp():
int comparison = strncmp(password, row[0], strlen(password));
If the length of password is shorter than the length of row[0], then your comparison is wrong. Assuming your password are a SHA512 (it should at least use that encryption) then all encrypted passwords would have the same size. However, I do not see any encryption of the password, so I would imagine that the length can change. You should have:
int comparison = strcmp(password, row[0]);
Assuming that the string in row[0] is NUL terminated.
Side note about vnp statement "sizeof(char) is 1" is wrong. Some processor have a sizeof(char) of 2. Not very many and for sure not the main Desktop computers, but you cannot expect that size of always be 1.
That being said, your math is wrong:
char *querystring = malloc(strlen(query1) + strlen(username) + strlen(query2) * sizeof(char));
Here you say:
a + b + c ×ばつ d
What you meant is:
(a + b + c) ×ばつ d
Since d is 1 you do not see any difference, of course...
You are using strncat() the wrong way. It is a very treacherous function. I have no clue why it was done that way, but you probably won't even believe what I tell you here:
The size is NOT the total size of the string, but the space left!
From the manual page:
If
srccontainsnor more bytes,strncat()writesn+1bytes todest(nfromsrcplus the terminating null byte). Therefore, the size ofdestmust be at leaststrlen(dest)+n+1.
If you are to deal with many strings and do copies, concatenate, etc. I would suggest you create a small structure representing a string and functions that handle your strings. That allows you to put all the copy code in one place and avoid potential problems littering your entire program.
Side note about vnp statement "sizeof(char) is 1" is wrong. Some processor have a sizeof(char) of 2. Not very many and for sure not the main Desktop computers, but you cannot expect that size of always be 1.
That being said, your math is wrong:
char *querystring = malloc(strlen(query1) + strlen(username) + strlen(query2) * sizeof(char));
Here you say:
a + b + c ×ばつ d
What you meant is:
(a + b + c) ×ばつ d
Since d is 1 you do not see any difference, of course...