solution-hw7 - 14 return false 15 memcpy(src packet ptr1...

Info icon This preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Homework 7 Solution I Buffer overflow The following code segment is extracted from the Green Dam. Which line code will cause buffer overflow? Why and give your solution to fix such bug? 1) which line? Line 22 2) why? When the length of src equal to URL_LEN_LIMIT, then the length of dst = 1000 + 13. Therefore, at line 22 the length of log is 1000+13+20 + 1=1034 > 1024. 3) how to fix? fix line 21: char log[1034] // at least 1034 fix line 1: const int URL_LEN_LIMIT = 990; //no more than 990. II Pointer Fill in the following declares in C program style. 1) int * a[10] // an array of size 10 pointers to integers 2) int **a _________ // a pointer to a pointer to an integer 1 const int URL_LEN_LIMIT = 1000; 2 void func1(const char* packet) { 3 char src[1024], dst[1024]; 4 if (get_src(packet, src)) { 5 strcpy(dst, "Found bad URL"); 6 strcat(dst, src); 7 report_log(dst); 8 } 9 } 10 11 bool get_src(const char* packet, char* src) { 12 const char* ptr1 = strstr(packet, "XXXX"); 13 if (ptr1 - packet < 0 || ptr1 - packet > URL_LEN_LIMIT)
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 14 return false; 15 memcpy(src, packet, ptr1 - packet); 16 src[ptr1 - packet] = 0; 17 return true; 18 } 19 20 void report_log(dst) { 21 char log[1024]; 22 sprintf(log, "[%2d-%2d-2d %2d:%2d:%2d] %s", . .., dst); 23 } 3) int (*a[5])(float) _________ //an array of size 5 pointers to functions which take a float argument and return an integer III Float pointer Consider the following 16-bit floating point representation based on the IEEE floating point format: There is a sign bit in the most significant bit. The next k = 5 bits are the exponent. The last n= 10 bits are the fractional part. Bias is 15. Numeric values are encoded in this format as a value of the form (-1) s * M * 2 E , where s is the sign bit, E is exponent after biasing, and M is the significand. Fill the following table for this floating point representation. Description E M Value 0 -14 Smallest denorm -14 1/1024 1/2^24 Largest denorm -14 1023/1024 1023/2^24 Smallest norm -14 1 1/16384 or 1/2^14 1 1 1 Largest norm 15 2047/1024 65504...
View Full Document

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern