How To: Security-Oriented C Tutorial 0x06 - Operators

Security-Oriented C Tutorial 0x06 - Operators

Hello again! In this tutorial, we are going to go over something called "operators" which will help us build upon conditions of control structures and also some variable manipulation. Without further ado, let's dive in!

What Is an Operator?

Operators are special symbols which allow the programmer to perform operations such as arithmetic, logical or comparative on variables. There are many other types but we will only cover the three mentioned for now.

Arithmetic Operators

As the name suggests, these operators are used to do mathematical operations such as 1 + 1 or 2 * 3 or a + b. The following tables extracted from Jon Erickson's Hacking: The Art of Exploitation, 2nd Edition summarize these operators.

When using the increment or decrement operators, it is important to know when to use either the prefix (++i) or postfix (i++). The prefix performs its operation before evaluating the line. The postfix performs its operation after evaluating the line. Here are some examples:

For the following two examples, b = 0.

  • a = b++ + 42

The line above evaluates a to be 42. After completing this line, b is then incremented to 1.

  • a = --b + 42

b is decremented to -1 before completing the line. a evaluates to be 41.

If you still don't understand, try experimenting with some code.

Pretty self-explanatory.

Comparison Operators

We have already seen some comparison operators when we did control structures. Here are some more to expand your knowledge. The following tables extracted from Jon Erickson's Hacking: The Art of Exploitation, 2nd Edition summarize these operators.

Pretty easy to understand. Take note that the operator "==" is not the same as the assignment operator "=". If you wish to compare equivalence, you must use the double equal signs "==", if you wish to set a value to a variable, you must use the single equal sign "=".

Logical Operators && Multiple Conditions

The logical operators give us the ability to expand the number of conditions in a control structure by combining them. We can test two or three variables at a time without having to "nest", making it more convenient. The following table extracted from Jon Erickson's Hacking: The Art of Exploitation, 2nd Edition summarizes these operators.

Please note that you must apply parenthesis to conditions where it may have ambiguity between different conditions. Also, the "!" above means "not". !(a < c) translates to "a is not less than c or a is greater than or equal to c.

From the table above, the first example shows that in order for the conditional to be satisfied, either a is less than b or a is less than c. The program will test a is less than b first. If a is less than b, it will ignore the second condition since it has already been satisfied. If a is not less than b, only then will it test the second part of the condition.

The second example shows that in order for the condition to be satisfied, a has to be less than b and a has to be less than c. Similar to the first example, if the first part evaluates to be false, the condition will have already failed and will ignore the second part.

Can we add more than just two conditions? Of course, you may chain as many conditions to your heart's desire.


If you're new to all of this, just practise and play around with some code until you're familiar with it, it shouldn't be too hard. Next tutorial, we will learn about arrays which will introduce us to more of the char variable. Until then!


Want to start making money as a white hat hacker? Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals.

Buy Now (90% off) >

Other worthwhile deals to check out:

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.

Be the First to Comment

Share Your Thoughts

  • Hot
  • Latest