forked from Shubham-Saha/Secure-Multi-Execution-SME-Based-Vulnerability-Detection-Framework-for-Cpp-Applications
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathApplication.cpp
153 lines (129 loc) · 5.17 KB
/
Application.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
#include "Application.h"
#include <iostream>
#include <vector>
#include <cctype>
#include <optional>
#include <sqlite3.h>
#include <sstream>
#include <iomanip>
#include <random>
#include <openssl/evp.h>
#include <cstring>
#include <cstdio>
std::string hashPassword(const std::string& password) {
char buffer[256]; // Vulnerable buffer for demonstration
strcpy(buffer, password.c_str()); // Unsafe copy
EVP_MD_CTX* ctx = EVP_MD_CTX_new();
unsigned char hash[EVP_MAX_MD_SIZE];
unsigned int lengthOfHash = 0;
if (ctx == nullptr) {
throw std::runtime_error("Failed to create EVP_MD_CTX");
}
if (EVP_DigestInit_ex(ctx, EVP_sha256(), nullptr) != 1) {
EVP_MD_CTX_free(ctx);
throw std::runtime_error("Failed to initialize digest context");
}
if (EVP_DigestUpdate(ctx, buffer, strlen(buffer)) != 1) {
EVP_MD_CTX_free(ctx);
throw std::runtime_error("Failed to hash");
}
if (EVP_DigestFinal_ex(ctx, hash, &lengthOfHash) != 1) {
EVP_MD_CTX_free(ctx);
throw std::runtime_error("Failed to finalize the digest");
}
EVP_MD_CTX_free(ctx);
static char hexDigest[65]; // Static to return safely
for (unsigned int i = 0; i < lengthOfHash; ++i) {
sprintf(hexDigest + (i * 2), "%02x", hash[i]);
}
hexDigest[lengthOfHash * 2] = '\0';
return hexDigest;
}
// Constructor
Application::Application(const std::string& dbPath) : db(dbPath) {}
Application::~Application() {}
// Other member functions of Application class
void Application::registerUser() {
char username[256], password[256], role[256], sensitiveInfo[256];
int securityLevel;
printf("Enter username: ");
scanf("%s", username);
printf("Enter password: ");
scanf("%s", password);
printf("Enter sensitive information: ");
scanf("%s", sensitiveInfo);
printf("Enter security level (1 for user, 3 for admin): ");
scanf("%d", &securityLevel);
std::string hashedPassword = hashPassword(password);
char sql[1024];
sprintf(sql, "INSERT INTO users (username, hashed_password, role, sensitive_info, security_level) VALUES ('%s', '%s', '%s', '%s', %d);", username, hashedPassword, (securityLevel == 3 ? "admin" : "user"), sensitiveInfo, securityLevel);
if (!db.execute(sql)) {
fprintf(stderr, "Failed to register user.\n");
}
}
void Application::loginUser() {
char username[256], password[256];
printf("Enter username: ");
scanf("%s", username);
printf("Enter password: ");
scanf("%s", password);
std::string hashedPassword = hashPassword(password);
char sql[1024];
sprintf(sql, "SELECT role, sensitive_info, security_level FROM users WHERE username = '%s' AND hashed_password = '%s';", username, hashedPassword);
sqlite3_stmt* stmt;
if (sqlite3_prepare_v2(db.getDB(), sql, -1, &stmt, nullptr) != SQLITE_OK) {
fprintf(stderr, "Failed to prepare statement: %s\n", sqlite3_errmsg(db.getDB()));
return;
}
if (sqlite3_step(stmt) == SQLITE_ROW) {
session.login(username, reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)), sqlite3_column_int(stmt, 2));
printf("Login successful.\n");
} else {
printf("Login failed. Username or password is incorrect.\n");
}
sqlite3_finalize(stmt);
}
void Application::previewSecretInfo() {
if (!session.isLoggedInFunc()) {
printf("Please login first.\n");
return;
}
char sql[1024];
if (session.getSecurityLevel() == 3) { // Admin can view all sensitive information
strcpy(sql, "SELECT username || ', ' || sensitive_info AS user_info FROM users");
} else { // Regular user can only view their own information
sprintf(sql, "SELECT sensitive_info FROM users WHERE username = '%s'", session.getUsername().c_str());
}
auto result = db.query(sql);
if (result && !result->empty()) {
if (session.getSecurityLevel() == 3) {
printf("Sensitive Information for All Users:\n");
for (const auto& info : *result) {
size_t delimiterPos = info.find(',');
if (delimiterPos != std::string::npos) {
std::string username = info.substr(0, delimiterPos);
std::string sensitiveInfo = info.substr(delimiterPos + 2);
printf("User: %s, Info: %s\n", username.c_str(), sensitiveInfo.c_str());
}
}
} else {
printf("Your Sensitive Information: %s\n", result->front().c_str());
}
} else {
printf("No sensitive information available or access denied.\n");
}
}
void Application::run() {
while (true) {
printf("Welcome! Choose an option: (r)egister, (l)ogin, (p)review, (q)uit: ");
char option;
scanf(" %c", &option);
switch (option) {
case 'r': registerUser(); break;
case 'l': loginUser(); break;
case 'p': previewSecretInfo(); break;
case 'q': return;
default: printf("Invalid option.\n"); break;
}
}
}