Friday, February 15, 2008

Don't try this at work

A friend sent me the following code, meant to do simple string comparison for a standard password changing dialog:




           char buf[256]



            test_pass = 0;
            for (i = 0; i < strlen(buf); ++i)
            {
                test_pass ^= (unsigned long)buf[i] << (i%4)*8;
                test_pass = test_pass << (i%4)*8  test_pass >> (32 - (i%4)*8);
            }

            sscanf(g_config.m_pPassword, "%08X", &old_pass);
            if (test_pass == old_pass)
            {
                // Get new password
                GetDlgItemText(IDC_EDIT_NEW_PASS, buf, 255);

                test_pass = 0;
                for (i = 0; i < strlen(buf); ++i)
                {
                    test_pass ^= (unsigned long)buf[i] << (i%4)*8;
                    test_pass = test_pass << (i%4)*8  test_pass >> (32 - (i%4)*8);
                }

                // Check configmation
                GetDlgItemText(IDC_EDIT_NEW_PASS2, buf, 255);

                test_pass2 = 0;
                for (i = 0; i < strlen(buf); ++i)
                {
                    test_pass2 ^= (unsigned long)buf[i] << (i%4)*8;
                    test_pass2 = test_pass2 << (i%4)*8  test_pass2 >> (32 - (i%4)*8);
                }

                if (test_pass != test_pass2)

        {
            MsgBox(".....");
            EndDailog(1)

        }
        sprintf(buf,"%08",test_pass);
    }

Dotmad.Net

The Number One Visual Studio 2009 Weblog on the Web

Friday, February 15, 2008

Don't try this at work

No comments:

Recent Posts

Popular Posts

Recent Comments

Blogroll

Podcasts I listen to

Labels