Each of the following code fragments contains a number of security vulnerabilities. For each fragment, identify these security vulnerabilities and, for each vulnerability, discuss at least one way that it could be improved. Note that in your discussion of how each vulnerability could be improved, you do not need to re-write a new version of the program in C; simply discuss your solution, either in pseudocode or in 1-2 sentences.
a) /* File Descriptor Leak */
#include <stdio.h>
#include <unistd.h>
int main(int argc, char *argv[]){
    char *filePath = argv[0];
    char *shellPath = argv[1];
    FILE *passwords;
    passwords = fopen(filePath, "r");
    /* Read the password and do something with it */
    /* . . . */
    /* Fork and execute alternative shell */
    execl(shellPath, "shell", NULL);
}
b) #include <stdio.h>
/*
Assume the following function is written for an electronic storefront.
The user will enter the ID of the item to be ordered, as well
as the quantity of units that they would like to purchase.
The program will then look up the price for the
item using a predefined function, getPriceByID(), and return
the total cost of the order.
*/
int getPriceByID(char *itemID); /* predefined elsewhere in the storefront code */
int getTotalCost(){
    char itemID[9];
    int price, unitsOrdered, cost;
    printf("Please enter the 9-digit ID of the item to be ordered: ");
    scanf("%s", &itemID);
    /* lookup the price according to the itemID */
    price = getPriceByID(itemID);
    printf("Please enter the quantity of units to be ordered: ");
    scanf("%d", &unitsOrdered);
    cost = price * unitsOrdered;
    return cost;
}
c) #include <string.h>
/* The following function is intended to return a user's full name
by concatenating the user's first and last name into a single string
and then returning that string. */
char *getFullName(char *firstName, char *lastName, int MAX_LEN){
    char fullName[MAX_LEN];
    strcpy(fullName, firstName);
    strcat(fullName, " ");
    strcat(fullName, lastName);
    return fullName;
}
d) #include <stdio.h>
/* The following code snippet runs through the list of CLI arguments
entered and displays them to the console. */
int main(int argc, char *argv[]){
    int i;
    printf("You've entered the following arguments: ");
    for(i = 0; i < argc; i++){
        printf(argv[i]);
        printf("\n");
    }
    /* ... */
}
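A hardened reworking of fragment b), added here as an illustration and not part of the original question or any posted answer: input is read with a bounded fgets() and validated, the quantity is parsed with a checked conversion, and the multiplication is checked for overflow before it happens. getPriceByID() is a stand-in stub and the helper names (parseItemID, parseQuantity, computeCost) are my own.

```c
/* Hardened reworking of fragment b): bounded input, checked conversions, overflow-checked arithmetic. */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define ID_LEN 9
/* Stand-in stub for the storefront's predefined price lookup (constructed for this example). */
static int getPriceByID(const char *itemID) { return strcmp(itemID, "123456789") == 0 ? 250 : -1; }
/* Accept a line only if it is exactly ID_LEN digits and copy it into itemID. 0 on success, -1 otherwise. */
int parseItemID(const char *line, char *itemID, size_t size) {
    size_t n = strcspn(line, "\r\n");                 /* length without the trailing newline */
    if (size < ID_LEN + 1 || n != ID_LEN) return -1;  /* length check replaces the unbounded scanf("%s") */
    for (size_t i = 0; i < n; i++)
        if (line[i] < '0' || line[i] > '9') return -1;
    memcpy(itemID, line, n);
    itemID[n] = '\0';
    return 0;
}
/* Parse a strictly positive quantity; rejects junk, negatives and values beyond INT_MAX. */
int parseQuantity(const char *line, int *units) {
    char *end;
    errno = 0;
    long v = strtol(line, &end, 10);
    if (end == line || errno == ERANGE || v <= 0 || v > INT_MAX) return -1;
    if (*end != '\0' && *end != '\n' && *end != '\r') return -1;  /* trailing garbage */
    *units = (int)v;
    return 0;
}

/* price * units with overflow detection: returns 0 and sets *cost, or -1 on overflow / bad inputs. */
int computeCost(int price, int units, int *cost) {
    if (price < 0 || units <= 0) return -1;
    if (price > 0 && units > INT_MAX / price) return -1;  /* would wrap in the original cost = price * unitsOrdered */
    *cost = price * units;
    return 0;
}

int main(void) {
    char line[64], itemID[ID_LEN + 1];
    int units, price, cost;
    printf("Please enter the 9-digit ID of the item to be ordered: ");
    if (!fgets(line, sizeof line, stdin) || parseItemID(line, itemID, sizeof itemID) != 0) return 1;
    if ((price = getPriceByID(itemID)) < 0) return 1;   /* unknown item: refuse rather than multiply -1 */
    printf("Please enter the quantity of units to be ordered: ");
    if (!fgets(line, sizeof line, stdin) || parseQuantity(line, &units) != 0) return 1;
    if (computeCost(price, units, &cost) != 0) return 1;
    printf("Total cost: %d\n", cost);
    return 0;
}
```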
