Question: Review the following code and improve the code and remove vulnerabilities. #include #include #include #define bzero(b,len) (memset((b), '0', (len)), (void) 0) using namespace std; void

Review the following code and improve the code and remove vulnerabilities.

#include

#define bzero(b,len) (memset((b), '\0', (len)), (void) 0)

using namespace std;

void setPassword(char pass[])

{

cout << "The password accepted is " << pass << endl;

}

char* getPasswordFromUser(char* prompt) {

char tmp[100];

cout << prompt;

cin >> tmp;

int len = strlen(tmp);

char* ret = (char*)malloc(len + 1);

strncpy_s(ret, len+1,tmp, len + 1);

bzero(tmp, len); /* don't leave passwd copy in memory */

return ret;

}

void changePassword() {

char* pass1 = getPasswordFromUser("enter new password: ");

char* pass2 = getPasswordFromUser("re-enter new password: ");

if (strcmp(pass1, pass2)) {

printf("passwords do not match ");

}

else {

setPassword(pass1);

}

bzero(pass1, strlen(pass1)); /* don't leave in memory */

bzero(pass2, strlen(pass2)); /* don't leave in memory */

free(pass1);

free(pass2);

}

int main()

{

changePassword();

return 0;

}

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Pls Help The yellow highlight is a part i need to fix! Main.cpp #include #include #include "PlaylistNode.h" using namespace std; // function declaration char PrintMenu(string playlistTitle); void...

C++ This is a a few programs I need completed all in C++. The first part following this is the deliverables required and the steps required for each exercise. After that will be the code for each of...

URGENT!! I really need help figuring out how to make my code work. Below is the assignment, and following is the code I have now. Help me Chegg hero, you're my only hope! PROJECT 4 Objectives : The...

Use C++ no advance techniques, follow the instructions. Also when you do the swap, you may NOT hard code the swap. You have to use some loop that moves through the array and figures out when/where to...

Use C++, follow the instructions! When you do the swap, you may NOT hard code the swap. You have to use some loop that moves through the array and figures out when/where to swap. Show the program...

Use C++, follow the instructions. When you do the swap, you may NOT hard code the swap. You have to use some loop that moves through the array and figures out when/where to swap. #include #include...

I tried to follow the steps but I can't run my code, and it shows out-of-line definition of 'C' does not match any declaration in 'C' and linker command failed with exit code 1 (use -v to see...

#include using namespace std; char v_operator; int main() { cout > v_operator; switch(v_operator) { case '+': cout

Question 5 #include using namespace std; char v_operator; int main() { cout > v_operator; switch(v_operator) { case '+': cout

Animals can obtain food from: Options: 1) By eating plants 2) By eating animals that eat plants 3) Both 1 and 2 are correct 4) None of the above

For the study described in the previous exercise, answer the following questions. a. What is the population of interest? b. What population characteristics are being estimated? c. Do you think that...

Houton Homes has outstanding debt of 5 7 3 that is due in one year. Given the financial distress costs, debtholders will receive only 5 6 2 if the firm does well and 4 2 4 if in does poorly the...

last two options for the multiple choice are : performance management development A construction equipment manufacturer, Roswell Corporation, is focusing on becoming a leader in sustainability in...

Discuss the importance of workforce planning.

Differentiate between a mission statement and a vision statement.

1. Which features of organizations do managers need to know about to build and use information systems successfully?