• vrek@programming.dev · ↑18 · 6 hours ago

    How do you sanitize your inputs, or how do you exploit inputs which are not sanitized?

      • vrek@programming.dev · ↑15 ↓1 · 5 hours ago

        A couple of big things are: 1. Only accept reasonable characters, on a whitelist, instead of rejecting bad characters based on a blacklist. This will mean you are less likely to forget to block \0, for example. 2. Understand how strings work and ensure that both reading and writing to that string don't extend beyond the end of the memory allocated for the string. For example, do you understand what the \0 would do to a string your program accepts?

          • vrek@programming.dev · ↑8 · 5 hours ago

            Keep in mind, the lowercase and uppercase letters are in continuous blocks on the ASCII table, so you can use that to verify if a char is a letter without doing an incredibly long chain of if-else statements.
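The three points above (whitelist the accepted bytes, treat the length and the NUL terminator with care, and use the contiguous ASCII letter and digit ranges for the check) fit together in one small C routine. The code below is an added example, not something posted in the thread; the function names `is_allowed`, `validate_and_copy` and `visible_length`, the status enum, the extra allowed characters `_` and `-`, and the sample inputs are all this example's own assumptions, chosen to look like a username field read from a length-delimited source such as `recv()` or a protocol header.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Allowlist check built on the contiguous ASCII ranges for letters and
 * digits. unsigned char keeps bytes >= 0x80 from going negative. Assumes
 * ASCII: the ranges are not contiguous in EBCDIC. The extra '_' and '-'
 * are this example's choice for a username-style field. */
static bool is_allowed(unsigned char c)
{
    return (c >= 'a' && c <= 'z') ||
           (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') ||
           c == '_' || c == '-';
}

/* Result codes for validate_and_copy (names are this example's own). */
enum input_status { INPUT_OK = 0, INPUT_TOO_LONG, INPUT_EMBEDDED_NUL, INPUT_BAD_CHAR };

/* Copy an untrusted, length-delimited byte buffer into a NUL-terminated C
 * string, accepting only allowlisted bytes. in_len is the real byte count
 * (from recv(), fread(), a length header), NOT strlen(), so an embedded \0
 * is rejected instead of silently cutting the string short.
 * When out_cap > 0, out is always NUL-terminated on return (empty on failure). */
static enum input_status validate_and_copy(const unsigned char *in, size_t in_len,
                                           char *out, size_t out_cap)
{
    if (out_cap == 0) return INPUT_TOO_LONG;
    out[0] = '\0';
    if (in_len > out_cap - 1) return INPUT_TOO_LONG;   /* keep room for '\0' */

    for (size_t i = 0; i < in_len; i++) {
        if (in[i] == '\0') return INPUT_EMBEDDED_NUL;  /* would truncate the C string */
        if (!is_allowed(in[i])) return INPUT_BAD_CHAR;
    }
    memcpy(out, in, in_len);
    out[in_len] = '\0';
    return INPUT_OK;
}

/* The NUL problem seen from the other side: if the bytes "alice\0; rm -rf /"
 * are copied into a char buffer and then checked with strlen(), the check
 * sees only "alice"; the bytes after the \0 are still in memory. */
static size_t visible_length(const unsigned char *in, size_t in_len)
{
    char tmp[64];
    if (in_len >= sizeof tmp) return 0;
    memcpy(tmp, in, in_len);
    tmp[in_len] = '\0';
    return strlen(tmp);
}

int main(void)
{
    char user[32];
    /* Constructed sample inputs for the demo. */
    static const unsigned char good[]     = "alice_01";
    static const unsigned char nul[]      = "alice\0; rm -rf /";
    static const unsigned char bad[]      = "alice;ls";
    static const unsigned char longname[] = "this_user_name_is_way_too_long_for_the_buffer";

    printf("good: %d (%s)\n", validate_and_copy(good, sizeof good - 1, user, sizeof user), user);
    printf("nul:  %d, strlen sees %zu of %zu bytes\n",
           validate_and_copy(nul, sizeof nul - 1, user, sizeof user),
           visible_length(nul, sizeof nul - 1), sizeof nul - 1);
    printf("bad:  %d\n", validate_and_copy(bad, sizeof bad - 1, user, sizeof user));
    printf("long: %d\n", validate_and_copy(longname, sizeof longname - 1, user, sizeof user));
    return 0;
}
```

Two design choices worth noting: the ranges are compared directly rather than through `isalpha()`, which is locale-dependent and undefined for out-of-range values, and the caller passes the real byte count so the check and the copy agree on where the input ends, which is exactly what a `strlen()`-based check gets wrong once a `\0` is embedded.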