Bug in code

#include <stdio.h>

main()
{
system("for i in `cat /etc/samba/smbpasswd|awk '{split($0,a,\":\"); "
"if ((substr(a[1],1,1)!=\"#\") && (a[1]!=\"admin\")) print a[1]}'` "
"do "
"echo -n -e \"SMBUser\t\t\t$i\t\t\"`du -ks /home/$i | "
"awk '{print (($1*1024)/1000000)}'`\"\n\" "
"done");
}

The if-statement in a bash script requires a "then". Also in bash, if you put more than one statement on a single line, then you need to separate them with a semicolon.

I would recommend that you get that command to run first as a multi-line script, then as a single-line script. Or better yet, have system() call the multi-line script.

I ran that Bash script in Bash without a "then" and it it did run.

As for the format, the example below does worked. String concatenation is done by having double quotes around the text.
A semicolon before an "fi"
A blank space before a text begin within [[
A blank space aftera text ended within ]]

========================================

#include <stdio.h>

system("if [[ `cat /etc/sysparam.conf|grep EnableDHCP "
"| awk '{print $2}'` = 0 ]]; "
"then killall dhcpd; "
"fi");

Whoa there!

I just saw that in your reply, you used square brackets around the if-statement's condition, whereas in the original post you used parentheses. Also, you terminated the if-statement properly with "fi", which was missing in the original post.

Does this modified form also not run in your program?

The only other question I would have is why you have double brackets instead of just one.

1) I did modified the original code with square brackets around the if-statement's condition, and with "fi" but it does not run.

2) I tested the code again using single brackets and it does worked.

system("if [ `cat /etc/sysparam.conf|grep EnableDHCP "
"| awk '{print $2}'` = 0 ]; "
"then killall dhcpd; "
"fi");

===================================

lihn, I have a question for you...

Why do you insist on executing bash code through the system function?

If you want to do bash, then do bash. If you need the functionality of bash, the make a bash file and call the file through the system function. This does more than just clean up your code and make it a little easier to understand, but it also seperates out the logic.

I am trying to make the code more secure by converting existing Bash code file into C so that once the user purchase the box and if they hack into it, they will see binary file not bash code where they can easily read the file and do other things.

Of course, I do know that when you compile a C program that call a Bash command like system("ifconfig"), the ifconfig will showed up as text in the binary executable file making it easy for anyone to guess what 's going on. That is why I write some of the code in C, while some remain as C calling Bash command.

If they are able to hack the box though (unless the root password is easily guessed) then they would most likely be able to figure a good deal out just by looking through the executable or use some other exploit to see what is going on.

For the most part though, even if they did hack the box and read what the bash script did, it could still be made so that it is obscure enough that they wouldn't know what is going on. You can always make the bash file some obscure name in some obscure directory, etc...

But, if you really want to break it down like that, then you really need to call as little bash as necessary. Like in the code example you listed, the only thing you should send to the system function is the killall dhcpd command. The rest of it should be done inside of the program. The less you send to the system function the better.

why is using the system function bad?