solution-hw7

# solution-hw7 - 14 return false 15 memcpy(src packet ptr1...

This preview shows pages 1–2. Sign up to view the full content.

Homework 7 Solution I Buffer overflow The following code segment is extracted from the Green Dam. Which line code will cause buffer overflow? Why and give your solution to fix such bug? 1) which line? Line 22 2) why? When the length of src equal to URL_LEN_LIMIT, then the length of dst = 1000 + 13. Therefore, at line 22 the length of log is 1000+13+20 + 1=1034 > 1024. 3) how to fix? fix line 21: char log[1034] // at least 1034 fix line 1: const int URL_LEN_LIMIT = 990; //no more than 990. II Pointer Fill in the following declares in C program style. 1) int * a[10] // an array of size 10 pointers to integers 2) int **a _________ // a pointer to a pointer to an integer 1 const int URL_LEN_LIMIT = 1000; 2 void func1(const char* packet) { 3 char src[1024], dst[1024]; 4 if (get_src(packet, src)) { 5 strcpy(dst, "Found bad URL"); 6 strcat(dst, src); 7 report_log(dst); 8 } 9 } 10 11 bool get_src(const char* packet, char* src) { 12 const char* ptr1 = strstr(packet, "XXXX"); 13 if (ptr1 - packet < 0 || ptr1 - packet > URL_LEN_LIMIT)

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 14 return false; 15 memcpy(src, packet, ptr1 - packet); 16 src[ptr1 - packet] = 0; 17 return true; 18 } 19 20 void report_log(dst) { 21 char log[1024]; 22 sprintf(log, "[%2d-%2d-2d %2d:%2d:%2d] %s", . .., dst); 23 } 3) int (*a[5])(float) _________ //an array of size 5 pointers to functions which take a float argument and return an integer III Float pointer Consider the following 16-bit floating point representation based on the IEEE floating point format: There is a sign bit in the most significant bit. The next k = 5 bits are the exponent. The last n= 10 bits are the fractional part. Bias is 15. Numeric values are encoded in this format as a value of the form (-1) s * M * 2 E , where s is the sign bit, E is exponent after biasing, and M is the significand. Fill the following table for this floating point representation. Description E M Value 0 -14 Smallest denorm -14 1/1024 1/2^24 Largest denorm -14 1023/1024 1023/2^24 Smallest norm -14 1 1/16384 or 1/2^14 1 1 1 Largest norm 15 2047/1024 65504...
View Full Document

{[ snackBarMessage ]}

### What students are saying

• As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

Kiran Temple University Fox School of Business ‘17, Course Hero Intern

• I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

Dana University of Pennsylvania ‘17, Course Hero Intern

• The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

Jill Tulane University ‘16, Course Hero Intern