Question: You are given the task of patching the vulnerability in the XDR code shown in the aside on page 136 for the case where both

You are given the task of patching the vulnerability in the XDR code shown in the aside on page 136 for the case where both data types int and size_t are 32 bits. You decide to eliminate the possibility of the multiplication overflowing by computing the number of bytes to allocate using data type uint64_t. You replace the original call to malloc (line 9) as follows:

uint64_t asize ele_cnt* (uint64_t) ele_size; malloc (asize); void *result =

Recall that the argument to malloc has type size_t.

A. Does your code provide any improvement over the original?

B. How would you change the code to eliminate the vulnerability?

uint64_t asize ele_cnt* (uint64_t) ele_size; malloc (asize); void *result =

Step by Step Solution

3.46 Rating (149 Votes )

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock

A This change does not help at all Even though the computation of a size will ... View full answer

blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Computer Systems A Programmers Perspective Questions!

Q:

This case was written by Professor Michele Greenwald, Visiting Professor of Marketing at HEC Paris, for use with Advertising and Promotion: An Integrated Marketing Communications Perspective 7th...

Q:

INTRODUCTION This project provides an opportunity for students of Intermediate Accounting to utilize financial accounting information in a simulation of a real-world setting. In addition, this...

Q:

Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...

Q:

ANSWER ALL PARTS Task 2: Serialize an array of integers to a JSON text-format file Extend the functionality of your integer array from Lab 5 to support saving and loading arrays from the filesystem...

Q:

Summarize these pages to 4 or 5 pages User and Operating-System Interface We mentioned earlier that there are several ways for users to interface with the operating system. Here, we discuss two...

Q:

There are two problems due this week (each worth 35 points) as follows. Case 5-1David L. Miller: Portrait of a White-Collar Criminal (page 144). In comprehensive paragraphs, answerrequirements 1?6....

Q:

answer the question clearly You are building a flight-control system for which a convincing safety case must be made. Would you assign the tasks of safety requirements engineering, test case...

Q:

clarifications: math.h functions may not be used in this project math.h was included in to the source code to provide the INFINITY constant needed by your get_fp() function for returning...

Q:

JUUSULW.ICUSCI Abstract Brooks Hamilton recently completed his third year in college and has just started a summer internship at a prestigious Wall Street investment firm. The investment firm is very...

Q:

1411116 - Programming I Assignment #3 Due Date: November 30, 2016 Submission Instructions: Submit your assignment on the blackboard link, corresponding to your Section: Please follow the following...

Q:

Tom's Taxidermy expects to units 800 units of its specialty preservation product. The managerial accountant reported that manager must sell 400 units of specialty product to breakeven Compute the...

Q:

In Chapter 1, we discussed Lee Salks experiment in which he exposed one group of infants to the sound of a heartbeat and compared their weight gain to that of a group not exposed. Do you think it...

Q:

Question 3 1 p t s Frequency analysis revealed that the percentage of men owning an iPhone was 6 9 . 9 3 4 7 2 % . Which of the following is the best way to display this result in the research...

Q:

The straight-line gain response of a linear circuit is shown in Figure P1254. What are the initial and final values of the circuit step response? What is the approximate duration of the transient...

Q:

Describe an algorithm for finding both the minimumand maximum of n numbers using fewer than 3n/2 comparisons.

Q:

Give an algorithm for finding the second-to-last node in a singly linked list in which the last node is indicated by a null next reference.

Q:

The LinkedPositionalList implementation of Code Fragments 7.97.12 does not do any error checking to test if a given position p is actually a member of the relevant list. Give a detailed explanation...

Q:

On January 1, Jarel acquired 80 percent of the outstanding voting stock of Suarez for $260,000 cash consideration. The remaining 20 percent of Suarez had an acquisition-date fair value of $65,000. On...

Q:

Balance Sheet, December 31, Year 1: Accounts Receivable $500,000 Allowance For Doubtful Accounts $70,000 14% of gross accounts receivable Net Realizable Value $430,000 Accounts Receivable Allowance...

Q:

Assume the following from a schedule of cost of goods manufactured (the company uses no indirect materials in production): Beginning work in process inventory $ 10,000 Ending work in process...