为什么 put 函数不能处理 C++ 中套接字的输入字符？

发布于 2024-12-09 11:31:07 字数 660 浏览 0 评论 0原文

这是我的运行登录管理器的服务器的代码，该代码将恶意访问登录到文件中并打印出错误登录的结果。字符 user 和 pass 来自使用套接字的用户输入。

if ((memcmp(user, "admin", strlen("admin")) == 0)) {
    /*code... */
}
else {
    char msg[600];
    strcpy (msg,"Login error with ");
    strcat (msg,"user: ");
    strcat (msg,user);
    strcat (msg," password: ");
    strcat (msg,pass);
    strcat (msg," from: ");
    strcat (msg, client_ip);
    puts (msg);
    logfile->Write(msg);
    return false;
}

好吧，问题在于输出控制台和日志文件中的输出。

就像这样：

Login error with user: lol

 password: asd

:��ܔ��P{w� from: 127.0.0.1

为什么会有奇怪的 asci 字符？由于新行来自套接字的用户输入，如何避免新行？

原文

This is my code for a server running a login manager, that log into a file the malicious access and print out the result of the wrong login.
The chars user and pass come from the user input using the socket.

if ((memcmp(user, "admin", strlen("admin")) == 0)) {
    /*code... */
}
else {
    char msg[600];
    strcpy (msg,"Login error with ");
    strcat (msg,"user: ");
    strcat (msg,user);
    strcat (msg," password: ");
    strcat (msg,pass);
    strcat (msg," from: ");
    strcat (msg, client_ip);
    puts (msg);
    logfile->Write(msg);
    return false;
}

Well, the problem is the output both on the output console and in the logfile.

Like this:

Login error with user: lol

 password: asd

:��ܔ��P{w� from: 127.0.0.1

Why are there the strange asci chars?
How can avoid the new line since they come from user input by socket?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

猫瑾少女 2024-12-16 11:31:07

正如很多人评论的那样，这段代码不包含任何特定于 C++ 的内容，因此我的回答就好像您正在使用纯 C 语言一样。

我猜测，由于您在上面使用了 memcmp ，因此您的输入字符串不是以空字符结尾的。 strcat 将继续从指针所到之处追加 char，直到遇到 '\0'。如果您想将用户或密码用作 C 样式字符串，则需要添加空终止符，否则使用 strncat 并传递长度。

另外，请注意 msg 溢出。使用 snprintf 来格式化消息可能会更好，因为它接受最大输出字符串长度。

回复收藏 0 原文

你怎么这么可爱啊 2024-12-16 11:31:07

这样你可以让你的代码变得更小一点，

if (strcmp(user, "admin") == 0) {
    /* yahoo, admin! */
}
else {
    char buff[256];
    snprintf(buff, sizeof(buff),
            "Login error with user: %s password: %s from: %s",
            user,
            pass,
            client_ip);
    printf("%s\n", buff);
    logfile->Write(buff);
    return false;
}

在 if 语句之前添加这个额外的代码，你可以确保字符串有效

printf("user, len:%d, value: %s\n", strlen(user), user);
printf("pass, len:%d, value: %s\n", strlen(pass), pass);
printf("client_ip, len:%d, value: %s\n", strlen(client_ip), client_ip);

This way you could make your code little bit smaller

if (strcmp(user, "admin") == 0) {
    /* yahoo, admin! */
}
else {
    char buff[256];
    snprintf(buff, sizeof(buff),
            "Login error with user: %s password: %s from: %s",
            user,
            pass,
            client_ip);
    printf("%s\n", buff);
    logfile->Write(buff);
    return false;
}

adding this extra code before if-statement you could ensure strings are valid

printf("user, len:%d, value: %s\n", strlen(user), user);
printf("pass, len:%d, value: %s\n", strlen(pass), pass);
printf("client_ip, len:%d, value: %s\n", strlen(client_ip), client_ip);

回复收藏 0 原文

~没有更多了~