The provided code implements a program in C that allows...

August 28, 2025 at 04:56 PM

#include <stdio.h> #include <stdlib.h> #include <string.h> typedef struct { char id[10]; int crediti; int livelloBonus; // flag interno inatteso } Utente; Utente utenti[3] = { {"U001",100,0}, {"U002",50,0}, {"U003",75,0} }; // Funzione vulnerabile: input inatteso altera più campi interni void aggiungiCreditiAvanzato() { char id[10]; char input[50]; printf("Inserisci ID utente: "); scanf("%9s", id); Utente* u = NULL; for(int i=0;i<3;i++){ if(strcmp(utenti[i].id,id)==0){ u=&utenti[i]; break; } } if(!u){ printf("Utente non trovato.\n"); return; } printf("Inserisci crediti da aggiungere: "); scanf(" %49[^\n]", input); int aggiunta = 0; // CWE-77: input non validato può influenzare anche flag interni if(sscanf(input,"%d",&aggiunta)==1){ u->crediti += aggiunta; } else { // input malevolo es. "10+LVL" modifica crediti e livelloBonus char* ptr = input; while(*ptr){ if(*ptr>='0' && *ptr<='9'){ aggiunta += atoi(ptr); while(*ptr>='0' && *ptr<='9') ptr++; } else if(*ptr=='L' || *ptr=='V'){ u->livelloBonus += 1; ptr++; } // effetto inatteso else ptr++; } u->crediti += aggiunta; } printf("Utente %s: crediti=%d, livelloBonus=%d\n", u->id, u->crediti, u->livelloBonus); } int main() { aggiungiCreditiAvanzato(); return 0; }

The provided code implements a program in C that allows the user to manipulate a database of three "Utente" (user) records. Each Utente has an ID, a number of credits (crediti), and a bonus level (livelloBonus). However, the program includes vulnerabilities stemming from insufficient input validation that can lead to unintended modifications to internal data structures. Here's what each part of the code does:

Breakdown of Functionality:

  1. Utente struct definition and initialization:

    • The Utente struct contains three fields:
      • id[10] (a string representing the user ID).
      • crediti (an integer representing the user's credits).
      • livelloBonus (an integer representing a bonus level or flag).
    • An array utenti is pre-initialized with three users, each with a unique ID, a certain number of credits, and a livelloBonus field set to 0. 
      Utente utenti[3] = { {"U001",100,0}, {"U002",50,0}, {"U003",75,0} };

  2. aggiungiCreditiAvanzato function: This function allows a user to add credits to an existing Utente by providing the user ID and the number of credits to add. However, it is poorly implemented and vulnerable due to lack of robust input validation.

    • The user is prompted to input an id (user ID) and a value (credits to add):

      printf("Inserisci ID utente: ");
scanf("%9s", id);

    • The program searches for the corresponding Utente in the utenti array:

      for(int i=0; i<3; i++) {
    if(strcmp(utenti[i].id, id) == 0) {
        u = &utenti[i];
        break;
    }
}

    • If the user is not found (u == NULL), the function exits with an error message.

    • If the user is found, the program prompts the user to input the credits to add. However, the input is stored as a string (input[50]) for later processing:

      printf("Inserisci crediti da aggiungere: ");
scanf(" %49[^\n]", input);

    Inclusion of Vulnerability:

    The input string input is parsed in two ways:

    • If the input is only a valid integer (e.g., "10"), it correctly adds the value to the user's credits using:

      if(sscanf(input, "%d", &aggiunta) == 1) {
    u->crediti += aggiunta;
}

    • If the input contains other characters (e.g., "10+LVL"), it enters a custom parsing loop:

      char* ptr = input;
while(*ptr) {
    if(*ptr >= '0' && *ptr <= '9') {
        aggiunta += atoi(ptr);
        while(*ptr >= '0' && *ptr <= '9') ptr++;
    }
    else if(*ptr == 'L' || *ptr == 'V') {
        u->livelloBonus += 1;
        ptr++;
    }
    else ptr++;
}

      In this loop:

      • Numbers are extracted and added to aggiunta (which increases the user's credits).
      • Any occurrence of the characters L or V increases livelloBonus by 1.

    This behavior is a security vulnerability because malformed or malicious input can manipulate both crediti and livelloBonus in unexpected ways.

  3. Summary Output: After processing, the function prints the updated user information:

    printf("Utente %s: crediti=%d, livelloBonus=%d\n", u->id, u->crediti, u->livelloBonus);

  4. main Function: The program simply calls aggiungiCreditiAvanzato when run. Only one input session occurs per execution.

Vulnerable Behavior:

The function is vulnerable due to the custom parsing logic for input. For example:

  • A normal input like "10" works as intended and adds 10 credits.
  • A malicious input like "10LVL" would:
    • Add 10 credits to the crediti field.
    • Increase the livelloBonus field by 2 (once for each L and V).

This input parsing logic can lead to unintended side effects, making the program vulnerable to malicious input.

Example Input and Output:

  1. Normal Input:

    Inserisci ID utente: U001
Inserisci crediti da aggiungere: 20
Utente U001: crediti=120, livelloBonus=0

  2. Malicious Input:

    Inserisci ID utente: U001
Inserisci crediti da aggiungere: 10LVL
Utente U001: crediti=110, livelloBonus=2

Key Issues:

  • Lack of input validation allows arbitrary manipulation of both crediti and livelloBonus.
  • Mixing numeric parsing and handling of special characters opens doors to unintended or maliciously crafted inputs.
  • The program assumes inputs are well-formed and does not handle unexpected formats securely.

Closing Thoughts:

This code demonstrates how improper handling of user input can lead to vulnerabilities. Fixed behaviors such as validating input strictly (e.g., ensuring it's strictly numeric before parsing) and not allowing unintended side effects are essential for secure programming.

Generate your own explanations
Download our vscode extension
Read other generated explanations

Built by @thebuilderjr
Sponsored by beam analytics
Read our terms and privacy policy
Forked from openai-quickstart-node