Shostack + Friends Blog Archive


2006 Underhanded C Contest

long unsigned int maxwordsize(char *inputFromStdIn)
{
    long unsigned int tmpwordsize=0,maxword=1,i;
    for (i=0; i <= strlen(inputFromStdIn); ++i,++tmpwordsize)
    {
        [etc etc]

So sayeth the winner of the "2006 Underhanded C Contest." (Underhandedly, they've titled the page "2005 Underhanded C Contest": I bet they're checking to see who's paying attention.)

I'm a huge fan of the Underhanded C Contest. When I was with Reflective, we spent a lot of time talking with executives concerned about trojans in their code. Now, detecting trojans in the code is a lot harder than detecting buffer overflows, and, I think, there are a lot more of the latter.

I'm glad to have samples of underhanded C code, because they allow us to study the problem, and the problem looks awfully hard.
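As an added illustration of how such a sample can be studied (my own code, not the contest entry's), the loop header quoted above is kept verbatim and completed with the most obvious body, then checked by differential testing against a plain reference over a few constructed inputs. The body is an assumption about code the post elides; with it, the two implementations agree on single-word input and disagree as soon as a second word follows, because the for-header's `++tmpwordsize` runs after the reset at each delimiter.

```c
#include <stddef.h>
#include <string.h>
#include <ctype.h>

/* Plain reference: length of the longest whitespace-separated word. */
size_t longest_word_ref(const char *s)
{
    size_t best = 0, cur = 0;
    for (size_t i = 0; ; ++i) {
        int end = (s[i] == '\0');
        if (end || isspace((unsigned char)s[i])) {
            if (cur > best) best = cur;
            cur = 0;
            if (end) return best;
        } else {
            ++cur;
        }
    }
}

/* The quoted loop header, completed with an assumed body (not the contest
 * entry's real code): close the current word on whitespace, or on the
 * terminator that i == strlen() deliberately reaches. */
long unsigned int maxwordsize_suspect(char *inputFromStdIn)
{
    long unsigned int tmpwordsize = 0, maxword = 1, i;
    for (i = 0; i <= strlen(inputFromStdIn); ++i, ++tmpwordsize)
    {
        if (inputFromStdIn[i] == '\0' || isspace((unsigned char)inputFromStdIn[i]))
        {
            if (tmpwordsize > maxword) maxword = tmpwordsize;
            tmpwordsize = 0;  /* the header's ++ fires before the next char is seen */
        }
    }
    return maxword;
}

/* Helper so the suspect can be called on a string literal. */
long unsigned int suspect_on(const char *s)
{
    char buf[64];
    if (strlen(s) >= sizeof buf) return 0;
    strcpy(buf, s);
    return maxwordsize_suspect(buf);
}

/* Differential check over constructed inputs: how many cases disagree. */
int count_disagreements(void)
{
    static const char *cases[] = { "", "a", "hello", "ab cd", "ab cdefg", "x yy zzz", "one  two" };
    int bad = 0;
    for (size_t k = 0; k < sizeof cases / sizeof cases[0]; ++k)
        if (suspect_on(cases[k]) != longest_word_ref(cases[k])) ++bad;
    return bad;
}
```

Only the inputs consisting of a single word ("a", "hello") agree, which is exactly the pattern a casual test run would fail to notice.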