Question: 1. Question. Consider the following C code fragment: 1 v o i d 2 f o o b a r ( ch a r a

1. Question. Consider the following C code fragment: 1 v oi d 2 f o o b a r ( ch a

1. Question. Consider the following C code fragment: 1 v o i d 2 f o o b a r ( ch a r a rg ) 3 { 4 5 ch a r msg [ 2 5 6 ] ; 6 7 memset (msg , 0 , s i z e o f ( msg ) ) ; 8 9 // s h a l l we t r u s t th e u s e r ? Neve r ! 10 i f ( s t r l e n ( a rg )

a. Give a thorough description of the programs vulnerability. In particular, name the vulnerability (1 mark), its location (1 mark), and provide a detailed overview of its exploitation (2 marks). Then, identify and explain thoroughly all the components that are involved in the exploit (4 marks). [8 marks]

b. How would an attacker exploit the vulnerability? Hint: describe in detail what the injection vector would look like (and what retaddr and retloc the attacker may use). Use symbolic values and addresses when needed (no need to write down the shellcode). [10 marks]

c. Would bounds checkers mitigate the vulnerability (1 mark)? Explain clearly the reasons (1 mark). [2 marks]

d. Would StackGuard mitigate the vulnerability (1 mark)? Explain clearly the reasons (2 marks).

a. Give a thorough description of the program's vulnerability. In particular, name the vulnerability (1 mark), its location (1 mark), and provide a detailed overview of its exploitation (2 marks). Then, identify and ex- plain thoroughly all the components that are involved in the exploit (4 marks) (8 marks b. How would an attacker exploit the vulnerability? Hint: describe in detail what the injection vector would look like (and what retaddr and retloc the attacker may use). Use symbolic values and addresses when needed (no need to write down the shellcode). [10 marks) c. Would bounds checkers mitigate the vulnerability (1 mark)? Explain clearly the reasons (1 mark). [2 marks d. Would StackGuard mitigate the vulnerability (1 mark)? Explain clearly the reasons (2 marks). [3 marks] e. How can the program be fixed? [2 marks] 10 ES 1. Question. Consider the following C code fragment: 1 void 2 foobar (char *arg) 3 { 4 5 char msg [256): 6 7 memset (msg, 0, sizeof(msg)); 8 9 // shall we trust the user? Never! if (strlen(arg)

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

4. Question. Consider the following C code fragment and assume the pro- gram name is fixed to vuln, it is invoked as ./vuln (i.e., argv[0]) and cannot be changed by an attacker. 1 int 2 main(int...

Q:

Question 5 1 pts Consider the following C code fragment: typedef union { char c; int i; double d; } my_union; my_union arr[2]; Suppose that arr[0] is stored at memory address 0. At what address is...

Q:

1. Consider the following C code fragment. c = a - b; d = b + e; Here is the generated MIPS code for this segment, assuming all variables are in memory and are addressable as off sets from Sto. lw Iw...

Q:

3. Consider the following C code fragment and assume the program name is fixed to vuln, it is invoked as ./vuln (i.e., argv[0]) and cannot be changed by an attacker. 1 int 2 main (int argc, char...

Q:

2. Consider the following C code fragment: 1 int 2 main(int argc, char **argv) 3 { 4 5 int n; n = 6 7 if (argc 2) 8 foobar (argv[1]); 9 else exit (1); 10 11 printf("Hey! %s, nice to meet ya (%d) ",...

Q:

4. Consider the following C code fragment: 1 int 2 main(int argc, char **argv) 3 { 4 = 8 5 char Ibuf [1024] = { 0, }; 6 7 (void) read (STDIN_FILENO, Ibuf, 1023); (void) foobar (Ibuf); 9 10 exit (0);...

Q:

Question 6 2 pts Consider the following C code fragment: int arr[20] (30); int* ptr = &arr (3) (29); The expression *(ptr + 4) is equivalent to arr[ 1. Use values that are within the range of their...

Q:

Question 1 (1 points): Consider the following C code that uses the POSIX threading API: pthread_t a, b; struct point { int x, y; }; void *bar(void *arg) { struct point *p = (struct point *) arg;...

Q:

Consider the following (Java-like) code fragment in which A is a class that has a field (attribute) named next and can have other fields that are not referenced in the code. Assignment has sharing...

Q:

Question 2: Memory-Mapped I/O and GPIO Ports You are given the following code that accesses GPIO Port A. Explain the port macro definition by explaining what each part of the definition means or...

Q:

1) Do a bit if research into File Inclusion Vulnerability. What is it? Why is is dangerous? What is the difference of low and remote inclusion? What methods can me employed to prevent a security...

Q:

Which one of the following would not be effected by a change in revenue recognition requiring a retrospective change? A. revenue B. deferred taxes C. unearned revenue D. cash

Q:

What is a Treasury bill? Multiple choice question. A short - term debt security sold directly by the U . S . government A contract in which the buyer promises to pay a fixed price for an asset or...

Q:

Cash Collections Related: the first half of next year: Richards Company has the following budgeted sales for Cash Sales Credit Sales January..80,000 $350.000 February March April May..$55.000...

Q:

9. Explain learner control, sharing, and linking. How do they contribute to the effectiveness of e-learning?

Q:

2. What are some advantages and disadvantages of multimedia training?

Q:

1. Explain how technology has changed the learning environment.