Comments on: Underhanded C: The Leaky Redaction

By: Simon Strandgaard

Simon Strandgaard — Mon, 11 Jan 2010 17:27:31 +0000

Pure evil. Fantastic well put together piece of code that looks fairly innocent. Thank you for opening my eyes for this kind of dangerous code.

Keep up the good (or should I say evil) work!

By: Craig

Craig — Sat, 02 Jan 2010 03:47:01 +0000

Wow.

By: Lalit Mishra

Lalit Mishra — Fri, 01 Jan 2010 15:10:03 +0000

Clever.

By: Aaron

Aaron — Thu, 31 Dec 2009 20:29:13 +0000

My code review would start with “Where is BUFSIZE declared?”. I’m assuming there are header files being #include’d which have been omitted, or perhaps you are defining it on the command line?

By: Thomas Beaucourt

Thomas Beaucourt — Wed, 30 Dec 2009 23:39:58 +0000

Congratulations, beautiful idea ! Plausible deniability is very high indeed.

By: ThatsGobbles

ThatsGobbles — Wed, 30 Dec 2009 21:12:19 +0000

Very clever. I really dig the fact that, like you said, one of the most common types of images to block out are black-and-white text images, and this program works *best* on those types.

By: Anonymous

Anonymous — Wed, 30 Dec 2009 20:09:22 +0000

Hmm. If I were Spook, I would still be suspicious and/or worried as your answer lacks any _real_ justification as to why the obvious option of using scanf() (or rather fscanf()) would be wrong here. Your explanation seems to rely on the (correct) behavior of fgets(), which is different from fscanf().

It seems you assume fscanf() might work incorrectly (by not assigning all of the matching data within a line – you seem to imply fscanf() uses fgets() with a limited buffer internally, which may or may not be true) and because of this you implement the logic which uses fgets() directly.

Such behavior would be a bug. I am not aware of such a (known) bug in any fscanf() implementation. Are you?

By: MadKat

MadKat — Wed, 30 Dec 2009 19:07:16 +0000

That is truly a beautiful solution. Thank you for the extended description.