From owner-freebsd-questions Mon Mar 24 10:18:36 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B5AF937B401 for ; Mon, 24 Mar 2003 10:18:31 -0800 (PST) Received: from login.kvalito.no (login.kvalito.no [213.151.136.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 381F643F3F for ; Mon, 24 Mar 2003 10:18:31 -0800 (PST) (envelope-from sigsegv@login.kvalito.no) Received: by login.kvalito.no (Postfix, from userid 1166) id AE4EA1276E0; Mon, 24 Mar 2003 19:18:45 +0100 (CET) To: blueeskimo@gmx.net Subject: Re: Generating passwords Cc: questions@freebsd.org, tony@idk.com Message-Id: <20030324181845.AE4EA1276E0@login.kvalito.no> Date: Mon, 24 Mar 2003 19:18:45 +0100 (CET) From: sigsegv@login.kvalito.no (Jan-Espen Pettersen) X-Spam-Status: No, hits=-9.7 required=5.0 tests=EMAIL_ATTRIBUTION,QUOTED_EMAIL_TEXT autolearn=ham version=2.50 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Monday 24 March 2003 07:24, you wrote: > On Mon, 2003-03-24 at 00:04, Jan-Espen Pettersen wrote: > > This C program will generate random passwords. > > ... > > int main() > > { > > int min_lenght = 8; > > int max_lenght = 30; > > int a; > > long int b; > > char *c = > > "-abcdefghijklmnopqrstuvwxyz-ABCDEFGHIJKLMNOPQRSTUVWXYZ---_/*+1234567890! > >#---1234567890-"; char *d; > > long int e; > > srandomdev(); > > e = random(); > > e = min_lenght + (e % ((max_lenght - min_lenght) + 1)); > > printf("lenght=%d\n", e); > > e++; > > d = (char *) malloc(e); > > e--; > > d[e] = 0; > > a = 0; > > while (a < e) > > { > > b = random(); > > b = b % strlen(c); > > d[a] = c[b]; > > a++; > > }; > > printf("password=\"%s\"\n", d); > > }; > > I have a few issues with this code .. > a) You never free() your malloc'ed memory > > b) You shouldn't call strlen(c) every time you iterate through the > while() loop (since 'c' isn't changing). Set this length in a variable > before the while loop, then make use of that variable. This could even > be a #define, since the string is hard-coded. > > c) I'm not sure this is completely portable: d[e] = 0; > Just in case, I'd suggest: d[e] = '\0'; > > d) Combine these two lines: > b = random(); > b = b % strlen(c); > --> b = random() % len; // using 'len' variable as I mentioned before. > > e) You never return from main(). Some compilers will be very unhappy > about this. Better to be explicit. > > f) You don't check the return value of malloc(). This should be a > no-brainer. *Always* check the return value of malloc/calloc, no matter > how little memory you are requesting. Oops, sorry, that program was only a program I wrote relly fast for internal use only. for a very long while ago. I should have checked it for that type of warnings/errors/bad code. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message