From the course: Secure Coding in C


Using the system() call


- [Instructor] The system function allows direct input to the operating system. This level of access means you must be cautious with the commands sent. In this example, the command sent is static text. Providing that this command is safe to use, and it is in this instance, it offers no potential for unintended consequences. The code is fine. Here's the Windows version of the code, which declares a Windows defined constant. Now, the program builds under Windows, issuing the Windows version of the directory list command. This code, however, presents a problem. Text is input here. Whatever text the user types is then sent to the system unchecked. The user could type any deleterious command and the computer dutifully obeys, just as if you've given the user full access to the command prompt. You have several ways to address this type of undefined behavior. First, you can present a menu of limited commands and have the code issue the commands itself. The user chooses an option and a preset…
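The menu approach the instructor describes, as an added example that is not code from the course: the typed line is only ever parsed into a menu number, and `system()` receives one of a fixed set of strings. The names `MENU`, `parse_choice` and `command_for_choice`, the menu entries, and the use of the `_WIN32` macro to select the Windows commands are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Fixed command strings; typed text never becomes part of them. */
#ifdef _WIN32   /* assumption: the page does not name its Windows constant */
static const char *const MENU[] = { "dir", "whoami" };
#else
static const char *const MENU[] = { "ls", "whoami" };
#endif
#define MENU_COUNT ((int)(sizeof MENU / sizeof MENU[0]))

/* Parse a typed line as a menu number 1..MENU_COUNT; -1 on anything else. */
int parse_choice(const char *line)
{
    char *end;
    long n = strtol(line, &end, 10);

    if (end == line)
        return -1;                  /* no digits at all */
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;
    if (*end != '\0')
        return -1;                  /* trailing text after the number */
    return (n >= 1 && n <= MENU_COUNT) ? (int)n : -1;
}

/* Map a choice to its preset command; NULL for anything off the menu. */
const char *command_for_choice(int choice)
{
    return (choice >= 1 && choice <= MENU_COUNT) ? MENU[choice - 1] : NULL;
}

int main(void)
{
    char line[32];

    for (int i = 0; i < MENU_COUNT; i++)
        printf("%d) %s\n", i + 1, MENU[i]);
    if (fgets(line, sizeof line, stdin) == NULL)
        return EXIT_FAILURE;
    const char *cmd = command_for_choice(parse_choice(line));
    if (cmd == NULL) {
        fputs("Invalid choice\n", stderr);
        return EXIT_FAILURE;
    }
    return system(cmd) == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Anything that is not exactly one in-range number is rejected before `system()` is reached, so shell metacharacters in the input have nothing to attach to.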
