
Secure Programming in C

   

Added on  2022-12-03

Running Head: SECURE PROGRAMMING IN C
SECURE PROGRAMMING IN C

Name of the Student:

Name of the University:

Author Note:
Table of Contents

Answer for question 1
Answer for question 2
Answer for question 3
Answer for question 4
Answer for question 5
References
Answer for question 1:

Error 1: The character array declared in line 2 has a length of 10 bytes, but the strcpy() function
in line 5 copies 11 characters, which includes the null character (Shahriar, Haddad and Vaidya,
2013).

To fix this error, the length of the character array source should be changed to 11 bytes.

Error 2: The malloc() call in line 6 is wrong.

The correct way to call malloc() in this program would be (Coker and Hafiz, 2013):

char *dest = (char *)malloc(strlen(source));

Error 3: In the C programming language, or any other programming language, the first position of
an array is indexed at 0, but in line 7 of this program the index variable i of the for loop starts
from 1.

The solution to this problem is to initialize the variable i in the for loop with 0.

Error 4: An error occurs in line 7, where the ending condition of the for loop is i <= 11. This
makes the for loop iterate one additional time, which the programmer does not need.

To fix this error, the ending condition of the for loop should be changed to i < 11 or i <= 10.

Error 5: Line 10 of the code causes undefined behavior because it is an out-of-bounds write.

Removing line 10 from the code will fix the error.
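
The bounds fixes described for Errors 1, 3 and 4, as an added example that is not the assignment's original program (which this page does not show). The function name copy_checked, the SRC_CAP constant and the sample strings are assumptions; the heap buffer here is sized strlen() + 1 so that the terminator written on the last loop iteration fits.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SRC_CAP 11  /* 10 visible characters + 1 terminating null (Error 1) */

/* Copy `text` into a fixed 11-byte array, then duplicate it on the heap
 * with an index loop. Returns a heap string the caller frees, or NULL
 * if `text` does not fit or allocation fails. Hypothetical helper. */
char *copy_checked(const char *text)
{
    char source[SRC_CAP];
    size_t len = strlen(text);

    /* Refuse input that would not fit together with its terminator,
     * instead of letting strcpy() write past the array. */
    if (len + 1 > sizeof source)
        return NULL;
    memcpy(source, text, len + 1);

    /* Allocate room for every byte the loop writes, terminator included. */
    char *dest = malloc(len + 1);
    if (dest == NULL)
        return NULL;

    /* Index from 0 (Error 3) and stop before len + 1 (Error 4):
     * for a 10-character string this is i = 0..10, i.e. 11 bytes. */
    for (size_t i = 0; i < len + 1; i++)
        dest[i] = source[i];

    return dest;
}

int main(void)
{
    char *ok = copy_checked("0123456789");        /* constructed: 10 chars, fits */
    char *too_long = copy_checked("0123456789A"); /* constructed: 11 chars, rejected */

    printf("10 chars -> %s\n", ok ? ok : "(rejected)");
    printf("11 chars -> %s\n", too_long ? too_long : "(rejected)");
    free(ok);
    free(too_long);
    return 0;
}
```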

Answer for question 2:

1. No memory is allocated, because the exit() function in line 3(b) stops the program from
executing any code after it; the program only prints the statement within the printf() function.
To allocate memory, the exit() function should be removed from the code.

2. As written, the exit() function terminates the program before it can allocate any memory. To
answer the question properly, we have to assume that the program runs without termination and that
the memory allocation is performed. The given code will definitely create a buffer overflow
because the malloc() function in line 7 allocates a memory stack of 220 bytes, but the attacker is
using 224 bytes, which is larger than the allocated size of the stack. Thus, this program is
vulnerable to a stack overflow attack (Chen et al., 2013).