0

my C prog return buffer overflow , i want concatenate one string and one input string this my code

#include "ring.h"
#include "string.h"
#include "stdlib.h"

RING_FUNC(ring_bingetaccount)
{
       char Address[100] = {0};
    // Check Parameters Count
        if (RING_API_PARACOUNT != 1) {
            RING_API_ERROR(RING_API_MISS1PARA);
            return;
        }
    // Check Parameters Type
        if ( ! RING_API_ISSTRING(1) ) {
            RING_API_ERROR(RING_API_BADPARATYPE);
            return;
        }
        char destination[] = "curl -X GET  https://dex.binance.org/api/v1/account/";
        strcpy(Address,RING_API_GETSTRING(1));
        strcat(destination,Address);
        int status = system(destination);
}

if i remove strcat(destination,Address); not return buffer overflow but ofcourse not do what i want , thanks at all

Improve this question
1
  • 5
    destination has enough space for exactly just "curl -X GET https://dex.binance.org/api/v1/account/" yet you try to strcat() more characters in there. Try char destination[4200] = "whatever"; for a larger space in the array (that is still unused (but filled with '\0's) as of the initialization). Commented Oct 24, 2021 at 15:58

1 Answer 1

Reset to default
2

strcat(destination,Address); fails as destination[] has no more room to append any characters.

    char destination[] = "curl -X GET  https://dex.binance.org/api/v1/account/";
    strcpy(Address,RING_API_GETSTRING(1));
    strcat(destination,Address);  // Fails, unless Address is ""

Instead, form a large enough array with a VLA or malloc()

    const char *curl = "curl -X GET  https://dex.binance.org/api/v1/account/";
    const char *ring = RING_API_GETSTRING(1)
    size_t sz = strlen(curl) + strlen(ring) + 1;
    char destination[sz];
    strcpy(destination, curl);
    strcat(destination, ring);
    int status = system(destination);

with malloc()

    size_t sz = strlen(curl) + strlen(ring) + 1;
    char *destination = malloc(sz);
    if (destination) {
      strcpy(destination, curl);
      strcat(destination, ring);
      int status = system(destination);
      free(destination);
      destination = NULL:
    } else {
      TBD_Handle_OutOfMemory();
    }
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thanks at all so much

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.