0

I have a char array with some libraries inside it, like : lib1.conf lib2.conf lib3.conf, etc.

I want to extract suid binaries from my debian, and make an 'ldd' of each binary to then compare each library of each binary with the set of libraries in my char array. ( (I hope to have been understandable:D)

Here is my code :

   `FILE *ldd;
    char* p2;
    char *p;
    char* s;
    int truc;
    p = strtok(update, "\n");

    FILE *suid=popen("find / -perm -u=s -type f 2>/dev/null", "r");
    char command[1000];
    char ldd_tab[500];
    
    while (fgets(suid_tab, sizeof(suid_tab), suid) !=NULL){

        p2 = strtok(suid_tab, "\n");
        sprintf(command, "ldd %s", p2);
        ldd = popen(command, "r");
        printf("%s\n", command);
        
        
        while(fgets(ldd_tab, sizeof(ldd_tab), ldd ) != NULL){

            

            s = strtok(ldd_tab, " ");
             
             
             if(strcmp(s, p) ==0){

                 printf("found one library\n");
                
             }
            

           p = strtok(NULL, "\n"); 
        }

        

    }`

The char array "update" is the array that contains my libraries to compare (beginning of my message). I use strtok() to cut the result of ldd command (keep only the name of the library).

My program does not return anything, whereas the "update" contains libraries present on my system, I think there are issues with nested while loop.

EDIT : here is a schema of what I want to obtain :

1)An suid binary is store in suid_tab with fgets.

2)the command 'ldd' is called with the suid binary.

3)The result of the ldd is passed to ldd_tab.

4)All libraries of the result are compared with all libraries in the update char array. (as the result contains several lines, I would like to use strcmp to compare each library one by one, but how to use strtok to do that ?)

5)If any library of any binary is equal to any library in update array, printf("found library).

UVision
  • 11
  • 4
  • 1
    `p = strtok(update, "\n");` there is no `update` shown. `p2 = strtok(suid_tab, "\n");` there is no `p2` declared in your question (I get you are removing the `'\n'`) `ldd = popen(command, "r");` where `popen()` returns `FILE*`, not `char*`. Go back over your code. Make sure the basic types match the function declarations. There are easier ways to trim a `'\n'` character. – David C. Rankin Apr 04 '21 at 09:44
  • See this question for removing the newline character without `strtok`: [Removing trailing newline character from fgets() input](https://stackoverflow.com/q/2693776/12149471) – Andreas Wenzel Apr 04 '21 at 09:48
  • 1
    You can't use `strtok` in a nested manner like this, because the function keeps its own internal state from call to call: http://www.cplusplus.com/reference/cstring/strtok/ Also does this code have to be written in C? It would be easier in many other languages. – Michael Geary Apr 04 '21 at 09:50
  • I have edited my code (add p2). the line p= strtok(NULL, "\n"); is to ask strtok to go to the next token here, not for remove newline. – UVision Apr 04 '21 at 10:03
  • Obviously I can write this code in python or other "simple" programming langages, but I want to write it in C for personnal preference. – UVision Apr 04 '21 at 10:04
  • As explained by @MichaelGeary, strtok inside the loop will not work as you except. You should first split update string to an array of string with the different files you want to check. Then for suid_tab use other way as specified by link from AndresWenzel – Ptit Xav Apr 04 '21 at 10:34
  • If I understand well , how can I store my char* (update) in a new char array ? – UVision Apr 04 '21 at 10:59

0 Answers0