cscg24-bank

CSCG 2024 Challenge 'Bank'
git clone https://git.sinitax.com/sinitax/cscg24-bank
Log | Files | Refs | sfeed.txt

vuln.c (5415B)

      1#include <stdio.h>
      2#include <stddef.h>
      3#include <assert.h>
      4#include <stdlib.h>
      5#include <string.h>
      6#include <time.h>
      7#include <unistd.h>
      8
      9#define MAX_ACCOUNTS 10
     10
     11// Define the structure for an account
     12typedef struct
     13{
     14    int accountNumber;
     15    char ownerName[64];
     16    long int balance;
     17} BankAccount;
     18static_assert(sizeof(BankAccount) == 80, "");
     19static_assert(offsetof(BankAccount, accountNumber) == 0, "");
     20static_assert(offsetof(BankAccount, ownerName) == 4, "");
     21static_assert(offsetof(BankAccount, balance) == 72, "");
     22
     23void win()
     24{
     25    execve("/bin/sh", NULL, NULL);
     26}
     27
     28// Function to create a new account
     29BankAccount *createAccount(const char *ownerName, long initialBalance)
     30{
     31    BankAccount *newAccount = (BankAccount *)calloc(1, sizeof(BankAccount));
     32
     33    if (newAccount == NULL)
     34    {
     35        printf("Memory allocation failed.\n");
     36        exit(1);
     37    }
     38
     39    // Generate a random account number
     40    newAccount->accountNumber = rand() % 10000 + 1000;
     41
     42    strncpy(newAccount->ownerName, ownerName, sizeof(newAccount->ownerName) - 1);
     43    newAccount->balance = initialBalance;
     44
     45    return newAccount;
     46}
     47
     48// Function to find an account based on its account number
     49BankAccount *findAccount(int accountNumber, BankAccount accounts[])
     50{
     51    for (int i = 0;; ++i)
     52    {
     53        if (accounts[i].accountNumber == accountNumber)
     54        {
     55            return &accounts[i];
     56        }
     57    }
     58    return NULL;
     59}
     60
     61// Function to transfer money between two accounts
     62void transferMoney(BankAccount *sender, BankAccount *receiver, long amount)
     63{
     64    if (sender->balance >= amount)
     65    {
     66        sender->balance -= amount;
     67        receiver->balance += amount;
     68        printf("Transfer successful.\n");
     69    }
     70    else
     71    {
     72        printf("Insufficient funds.\n");
     73    }
     74}
     75
     76// Function to check the account balance
     77void checkBalance(BankAccount *account)
     78{
     79    printf("Account Number: %d\n", account->accountNumber);
     80    printf("Owner Name: %s\n", account->ownerName);
     81    printf("Balance: %ld\n", account->balance);
     82}
     83
     84int bank()
     85{
     86    // Declare an array to store accounts
     87    BankAccount accounts[MAX_ACCOUNTS];
     88    int numAccounts = 0;
     89
     90    // CLI loop
     91    while (1)
     92    {
     93        // Display menu
     94        printf("\nMenu:\n");
     95        printf("1. Create Account\n");
     96        printf("2. Check Balance\n");
     97        printf("3. Transfer Money\n");
     98        printf("4. Exit\n");
     99
    100        // Get user choice
    101        printf("Enter your choice: ");
    102        int option;
    103        scanf("%d", &option);
    104
    105        switch (option)
    106        {
    107        case 1:
    108            // Create Account
    109            printf("Enter Owner Name: ");
    110            char ownerName[84];
    111            fgets(ownerName, sizeof(ownerName), stdin);
    112            printf("Enter Initial Balance: ");
    113            long initialBalance;
    114            scanf("%ld", &initialBalance);
    115
    116            // Create the account and add it to the array
    117            if (numAccounts < MAX_ACCOUNTS)
    118            {
    119                BankAccount *tmp_account = createAccount(ownerName, initialBalance);
    120                BankAccount *account = &accounts[numAccounts++];
    121
    122                memcpy(account, tmp_account, sizeof(BankAccount));
    123                free(tmp_account);
    124
    125                printf("Account created successfully.\n");
    126                checkBalance(account);
    127            }
    128            else
    129            {
    130                printf("Maximum number of accounts reached.\n");
    131            }
    132            break;
    133
    134        case 2:
    135            // Check Balance
    136            printf("Enter Account Number: ");
    137            int accountNumber;
    138            scanf("%d", &accountNumber);
    139
    140            // Find the account and display the balance
    141            BankAccount *account = findAccount(accountNumber, accounts);
    142            if (account != NULL)
    143            {
    144                checkBalance(account);
    145            }
    146            else
    147            {
    148                printf("Account not found.\n");
    149            }
    150            break;
    151
    152        case 3:
    153            // Transfer Money
    154            printf("Enter Sender Account Number: ");
    155            scanf("%d", &accountNumber);
    156
    157            // Find the sender account
    158            BankAccount *sender = findAccount(accountNumber, accounts);
    159            if (sender == NULL)
    160            {
    161                printf("Sender account not found.\n");
    162                break;
    163            }
    164
    165            printf("Enter Receiver Account Number: ");
    166            scanf("%d", &accountNumber);
    167
    168            // Find the receiver account
    169            BankAccount *receiver = findAccount(accountNumber, accounts);
    170            if (receiver == NULL)
    171            {
    172                printf("Receiver account not found.\n");
    173                break;
    174            }
    175
    176            printf("Enter Transfer Amount: ");
    177            long transferAmount;
    178            scanf("%ld", &transferAmount);
    179
    180            // Transfer money between accounts
    181            transferMoney(sender, receiver, transferAmount);
    182
    183            // Display updated balances
    184            printf("Updated Balances\n");
    185            break;
    186
    187        case 4:
    188            // Exit the program
    189            printf("Exiting the program.\n");
    190            return 0;
    191
    192        default:
    193            printf("Invalid option. Please try again.\n");
    194        }
    195    }
    196
    197    return 0;
    198}
    199
    200int main()
    201{
    202    setbuf(stdout, NULL);
    203    // Seed the random number generator with the current time
    204    srand((unsigned int)time(NULL));
    205
    206    bank();
    207
    208    return 0;
    209}