Computers and Technology, 24.06.2019 21:30 keelynnbarrier
Computer security/cybersecurity1) each of the following code fragments contains a number of security vulnerabilities. for each fragment, identify these security vulnerabilities and, for each vulnerability, discuss at least one way that it could be improved. note that in your discussion of how each vulnerability could be improved, you do not need to re-write a new version of the program in c; simply discuss your solution, either in pseudocode or in 1-2 sentences. a) /* file descriptor leak */#include #include int main(int argc, char *argv[]){ char *filepath = argv[0]; char *shellpath = argv[1]; file *passwords; passwords = fopen(filepath, "r"); /* read the password and do something with it */ /* . . */ /* fork and execute alternative shell */ execl(shellpath, "shell", null); }b)#include /* assume the following function is written for an electronic storefront. the user will enter the id of the item to be ordered, as well as the quantity of units that they would like to purchase. the program will then lookup the price for the price for the item using a predefined function, and return the total cost of the order.*/int gettotalcost(){ char itemid[9]; int price, unitsordered, cost; printf(" enter the 9-digit id of the item to be ordered: "); scanf("%s", & itemid); /* lookup the price according to the itemid */ price = getpricebyid(itemid); printf(" enter the quantity of units to be ordered: "); scanf("%d", & unitsordered); cost = price * unitsordered; return cost; }c)#include /* the following function is intended to return a user's full name by concatenating the user's first and last name into a single string and then returning that string. */char *getfullname(char *firstname, char *lastname, int max_len){ char fullname[max_len]; strcpy(fullname, firstname); strcat(fullname, " "); strcat(fullname, lastname); return fullname; }d)#include /* the following code snippet runs through the list of cli arguments entered and displays them to the console. */int main(int argc, char *argv[]){ int i; printf("you've entered the following arguments: "); for(i = 0; i < argc; i++){ print(argv[i]); printf("\n"); } /* */}
Answers: 2
Another question on Computers and Technology
Computers and Technology, 22.06.2019 15:10
Consider a direct-mapped cache with 216 words in main memory. the cache has 16 blocks of 8 words each. it is a word-addressable computer (rather than a byte-addressable computer which we normally discuss). (a) how many blocks of main memory are there? (b) what is the format of a memory address as seen by the cache, that is, what are the sizes of the tag, cache block, and block offset fields (if they apply)? (c) to which cache block will the memory reference db6316 map?
Answers: 1
Computers and Technology, 22.06.2019 22:40
When you type the pwd command, you notice that your current location on the linux filesystem is the /usr/local directory. answer the following questions, assuming that your current directory is /usr/local for each question. a. which command could you use to change to the /usr directory using an absolute pathname? b. which command could you use to change to the /usr directory using a relative pathname? c. which command could you use to change to the /usr/local/share/info directory using an absolute pathname? d. which command could you use to change to the /usr/local/share/info directory using a relative pathname? e. which command could you use to change to the /etc directory using an absolute pathname? f. which command could you use to change to the /etc directory using a relative pathname?
Answers: 3
Computers and Technology, 23.06.2019 03:30
In vista and windows 7, the appearance and personalization option allows you to change the
Answers: 1
Computers and Technology, 23.06.2019 18:30
Janice recently received her college degree and is looking for a job. she is worried that since she just finished school, she will be required to repay her perkins and direct subsidized loans immediately. janice pulls out the paperwork she signed and reviews it again for repayment information. after reading all of the information, janice discovers that
Answers: 2
You know the right answer?
Computer security/cybersecurity1) each of the following code fragments contains a number of security...
Questions
History, 23.05.2020 01:02
Mathematics, 23.05.2020 01:02
Biology, 23.05.2020 01:02
Geography, 23.05.2020 01:02
Mathematics, 23.05.2020 01:02
Health, 23.05.2020 01:02
Physics, 23.05.2020 01:02
Mathematics, 23.05.2020 01:02
