Description

Despite the fact that C is a simple language by design, writing functioning and safe code in it can be an undoubtedly strenuous task. In higher level languages you may have the luxury of garbage collectors, RAII, runtime bounds checking, etc., however in C you have to do everything manually. Due to negligence, you were able to become a premium user quite easily, your mission is now to fix this vulnerability by correcting the create_user() function and completing the strcpy_safe() function to prevent further security risks caused by unchecked string copying. strcpy_safe() has the following parameters:

dst is the destination array where the data is copied to.

src is the source of the data.

size is the size of the dst array.

But which function should one use to safely copy strings? As we could see, the answer is definitely not strcpy() because it only stops when the source string is completely copied, it will gladly help you with causing buffer overflows. strncpy() is somewhat better because it lets you specify the maximum number of characters to be copied, but it won't add a null terminator at the end of the string if the source string exceeds the maximum length. Maybe is there a more adequate function for this task?

Hint: Your function should return NULL if the strings are too long.

Explore solvable/wd/use opsc xsolvable/wd/usel_ops.h x 1 include 2 3 4 #include #include #include "user-ops.h" challenge user ops.c user_ops.h 6 void strcpy_safe (char dst, const char* sre, size_t size) 9userdata create_user(const char name, const char password, int ispremium) 18 userdata *user; if(name == NULL Il password = NULL) return NULL; 13 14 15 16 17 user=calloc(1,sizeof(userdata)); user-spremium strcpy_safe(user-username, name, 16); spremium; strcpy_safe(user->password,password,16); 18 19 28 21 return user; Projects challenge Settings "Split _cpp /solvable/wd/user ops.c Ln: 1 Cot 0