Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create Password.c #82

Merged
merged 1 commit into from
Nov 1, 2024
Merged

Create Password.c #82

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions C/Password.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
#include <stdlib.h>
#include <stdio.h>

int main() {
int pin, attempt = 3;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

issue (complexity): Consider using symbolic constants and a single return path to improve code clarity.

The control flow can be simplified while maintaining all functionality. Here's a cleaner approach:

#include <stdlib.h>
#include <stdio.h>

#define CORRECT_PIN 4008
#define MAX_ATTEMPTS 3

int main() {
    int pin;
    int attempts_left = MAX_ATTEMPTS;

    while (attempts_left > 0) {
        printf("Enter your pin: ");
        scanf("%d", &pin);

        if (pin == CORRECT_PIN) {
            printf("Welcome User!\n");
            return 0;
        }

        attempts_left--;
        printf("Incorrect PIN\n");
        if (attempts_left == 0) {
            printf("No further attempts left\n");
            return EXIT_FAILURE;
        }
    }
}


do {
printf("Enter your pin: ");
scanf("%d", &pin);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 issue (security): Use safer input methods instead of scanf to prevent buffer overflow vulnerabilities

Consider using fgets() with sscanf() or similar safer alternatives that provide better input validation and buffer overflow protection.

attempt--;

if (pin != 4008) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 issue (security): Avoid hardcoding sensitive values like PINs in source code

Consider storing the PIN in a secure configuration file or environment variable, or using a proper password hashing mechanism.

printf("Incorrect PIN\n");
}

if (attempt == 0 && pin != 4008) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: Restructure the attempt checking logic to avoid duplicate messaging

Consider checking remaining attempts first, then validate the PIN to make the flow more logical and eliminate redundant messages.

        if (attempt == 0) {
            printf("Incorrect PIN and no further attempts left\n");
            exit(EXIT_FAILURE);
        }

printf("Incorrect PIN and no further attempts left\n");
exit(EXIT_FAILURE);
}
} while (pin != 4008);

printf("Welcome User!\n");
return 0;
}
Loading