
About

This level examines what can happen when heap pointers are stale.

This level is completed when you see the "you have logged in already!" message.

This level is at /opt/protostar/bin/heap2

Source code

 1#include <stdlib.h>
 2#include <unistd.h>
 3#include <string.h>
 4#include <sys/types.h>
 5#include <stdio.h>
 6
 7struct auth {          /* record that main's "auth " and "login" commands operate on */
 8  char name[32];       /* filled by strcpy in main from the text after "auth " */
 9  int auth;            /* sits after the 32-byte name; non-zero is treated as "logged in", yet no statement in this listing assigns it */
10};
11
12struct auth *auth;     /* file-scope, so NULL at start; shares its name with the struct tag, so sizeof(auth) in main means this pointer, not the struct */
13char *service;         /* file-scope, so NULL at start; overwritten by each "service" command in main and never freed */
14
15int main(int argc, char **argv)
16{
    /*
     * Command loop for the heap2 level: reads one line at a time from stdin
     * and reacts to the prefixes "auth ", "reset", "service" and "login".
     * The loop ends when fgets returns NULL. The listing is deliberately
     * unsafe; the NOTE(review) comments mark each memory-safety defect and
     * the usual correction, and the code itself is left as published.
     */
17  char line[128];
18
19  while(1) {
      /* Prints the raw pointer values of both globals on every pass.
       * NOTE(review): this exposes heap addresses to whoever reads stdout;
       * %p also formally expects a void * argument. */
20    printf("[ auth = %p, service = %p ]\n", auth, service);
21
22    if(fgets(line, sizeof(line), stdin) == NULL) break;
23    
      /* The four checks below are independent ifs, not an else-if chain. */
24    if(strncmp(line, "auth ", 5) == 0) {
        /* NOTE(review): sizeof(auth) is the size of the global pointer
         * (typically 4 or 8 bytes), not sizeof(struct auth). The request
         * is therefore smaller than the struct, and the auth->auth field
         * lies outside the requested allocation. The intended form would
         * be malloc(sizeof *auth). The malloc result is not checked, and
         * the previous auth allocation, if any, is not freed. */
25      auth = malloc(sizeof(auth));
        /* Zeroes only the same pointer-sized prefix, so it never reaches
         * the auth field. */
26      memset(auth, 0, sizeof(auth));
        /* The length check fits name[32], but not the undersized
         * allocation: a copy of up to 31 bytes (text plus NUL) can run
         * past what malloc was asked for. fgets keeps the newline, so it
         * is copied into name as well. */
27      if(strlen(line + 5) < 31) {
28        strcpy(auth->name, line + 5);
29      }
30    }
31    if(strncmp(line, "reset", 5) == 0) {
        /* NOTE(review): auth is not set to NULL after free, so the global
         * keeps a stale pointer that "login" still dereferences, and a
         * second "reset" frees the same pointer again. Assigning
         * auth = NULL here is the usual correction. */
32      free(auth);
33    }
      /* Only the first 6 characters ("servic") are compared, while the
       * copy below starts at offset 7; the two lengths do not agree. */
34    if(strncmp(line, "service", 6) == 0) {
        /* strdup makes a fresh heap allocation sized by the input line.
         * The previous service pointer is overwritten without free (leak)
         * and the result is not checked for NULL. */
35      service = strdup(line + 7);
36    }
37    if(strncmp(line, "login", 5) == 0) {
        /* NOTE(review): auth is dereferenced with no NULL check, so
         * "login" before any "auth " command reads through a null pointer.
         * After "reset" the read goes through freed memory, and even on a
         * live allocation the field is outside the requested size. The
         * value tested is therefore whatever currently occupies that heap
         * memory, not state this program set. A real check needs a
         * correctly sized, live, validated object. */
38      if(auth->auth) {
39        printf("you have logged in already!\n");
40      } else {
41        printf("please enter your password\n");
42      }
43    }
44  }
45}
46

Discussion