LANGSEC. Arthur, Jan, Marco. Berlin, 14. Oktober Humboldt-Universität zu Berlin Institut für Informatik Lehrstuhl Praktische Informatik
|
|
- Dora York
- 6 years ago
- Views:
Transcription
1 (language-theoretic security) Humboldt-Universität zu Berlin Institut für Informatik Lehrstuhl Praktische Informatik Berlin, 14. Oktober 2016
2 (language-theoretic security) language-theoretic security theory extracted from practice what are exploits? why do they happen? how do they work? how to prevent them?
3 In Short (language-theoretic security) Lisp: code is data
4 In Short (language-theoretic security) Lisp: : code is data data is code
5 In Short (language-theoretic security) Lisp: : code is data data is code Exploits are unexpected computations that run on weird machines.
6 Example: PDF (language-theoretic security) the standard says: %PDF-1.5 header: %PDF- + version % (...file content goes here...) % at the end: xref % fixed-format(!) lookup table 0 23 % revision, #objects f % don t ask n % offset version n CRLF n % (...more object locations...) trailer << /Root 5 0 R % root node of document tree % (...more info...) >> startxref % ASCII decimal offset of xref %%EOF
7 (language-theoretic security) libpoppler: reading a PDF PDFDoc::PDFDoc( GooString *filename, GooString *ownerpw, GooString *userpw ) { Object obj; file = GooFile::open(fileName); if (file == NULL) { /* [...] error out */ } obj.initnull(); str = new FileStream(file, 0, gfalse, file->size(), &obj); ok = setup(ownerpassword, userpassword); } GBool PDFDoc::setup(GooString *ownerpassword, GooString * userpassword) { // Adobe does not seem to enforce %%EOF, so we do the same // if (!checkfooter()) return gfalse; checkheader(); /*...more stuff... */ }
8 (language-theoretic security) libpoppler: reading a PDF /* somewhere above: #define headersearchsize 1024 */ // Check for PDF header, skip past garbage if necessary. void PDFDoc::checkHeader() { char hdrbuf[headersearchsize+1], *p, *tokptr; int i; /* [...] copy headersearchsize bytes into hdrbuf */ for (i = 0; i < headersearchsize - 5; ++i) { if (!strncmp(&hdrbuf[i], "%PDF-", 5)) break; } if (i >= headersearchsize - 5) { error(errsyntaxwarning, -1, "May not be a PDF file ( continuing anyway)"); return; } if (!(p = strtok_r(&hdrbuf[i+5], " \t\n\r", &tokptr))) { error(errsyntaxwarning, -1, "May not be a PDF file ( continuing anyway)"); return; } sscanf(p, "%d.%d", &pdfmajorversion, &pdfminorversion); // We don t do the version check. Don t add it back in. }
9 (language-theoretic security) libpoppler: reading a PDF /* somewhere above: #define headersearchsize 1024 */ // Check for PDF header, skip past garbage if necessary. void PDFDoc::checkHeader() { char hdrbuf[headersearchsize+1], *p, *tokptr; int i; /* [...] copy headersearchsize bytes into hdrbuf */ for (i = 0; i < headersearchsize - 5; ++i) { if (!strncmp(&hdrbuf[i], "%PDF-", 5)) break; } if (i >= headersearchsize - 5) { error(errsyntaxwarning, -1, "May not be a PDF file ( continuing anyway)"); return; } if (!(p = strtok_r(&hdrbuf[i+5], " \t\n\r", &tokptr))) { error(errsyntaxwarning, -1, "May not be a PDF file ( continuing anyway)"); return; } sscanf(p, "%d.%d", &pdfmajorversion, &pdfminorversion); // We don t do the version check. Don t add it back in. }
10 (language-theoretic security) libpoppler: reading a PDF let s just stop here: it goes on like that... knowing the standard does not help at all for reasoning about actual systems plenty of room for unexpected behavior
11 Problems (language-theoretic security) recovery code / user friendliness / Postel Principle breaks simple theoretical models & specifications is part of the actual system more computational power & expressivity for attacker Postel s Robustness Principle be conservative in what you do, be liberal in what you accept from others.
12 Problems (language-theoretic security) parser as attack surface the whole system matters
13 (language-theoretic security)
14 (language-theoretic security)
15 (language-theoretic security) What are? naive approach: file has ONE data type A Polyglot is a file with various data types example: A PDF which is a ZIP-archive at the same time
16 (language-theoretic security) What are? naive approach: file has ONE data type A Polyglot is a file with various data types example: A PDF which is a ZIP-archive at the same time
17 (language-theoretic security) What are? naive approach: file has ONE data type A Polyglot is a file with various data types example: A PDF which is a ZIP-archive at the same time
18 (language-theoretic security) Why are interesting? shows the compromises IT has to deal with are de facto unavoidable shows ambiguity
19 (language-theoretic security) Why are interesting? shows the compromises IT has to deal with are de facto unavoidable shows ambiguity
20 (language-theoretic security) Why are interesting? shows the compromises IT has to deal with are de facto unavoidable shows ambiguity
21 (language-theoretic security) Our main aim while experimenting with First of all: understanding maybe finding a security problem
22 (language-theoretic security) Our main aim while experimenting with First of all: understanding maybe finding a security problem
23 (language-theoretic security) Demo
24 (language-theoretic security)
25 (language-theoretic security)
26 (language-theoretic security) A normal PNG that is rejected by MediaWiki.
27 (language-theoretic security) If you want to learn more... langsec.org for all things github.com/corkami/pics/ file formats International Journal of PoC GTFO, e.g. from read more code unzip this PDF
Vulnerability Report
Vulnerability Report Attacks bypassing the signature validation in PDF Vladislav Mladenov, Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe, Jörg Schwenk November 08, 2018 Chair for Network
More informationThe pitfalls of protocol design
2014 IEEE Security and Privacy Workshops The pitfalls of protocol design Attempting to write a formally verified PDF parser Andreas Bogk Principal Security Architect HERE Berlin, Germany andreas.bogk@here.com
More informationPDF Essentials. The Structure of PDF Documents
Dr. Edgar Huckert 63773 Goldbach, Germany E-Mail: Huckert@compuserve.com 6-97 PDF Essentials PDF is an acronym for "Portable Document Format". The format has been designed by Adobe for the exchange of
More informationPDF PDF PDF PDF PDF internals PDF PDF
PDF Table of Contents Creating a simple PDF file...3 How to create a simple PDF file...4 Fonts explained...8 Introduction to Fonts...9 Creating a simple PDF file 3 Creating a simple PDF file Creating a
More informationThe Halting Problems of Network Stack Insecurity
The Halting Problems of Network Stack Insecurity Original paper 1 by Len Sassaman, Meredith L. Patterson, Sergey Bratus and Anna Shubina Pierre Pavlidès University of Birmingham - School of Computer Science
More informationELEC 377 Operating Systems. Week 4 Lab 2 Tutorial
ELEC 377 Operating Systems Week 4 Tutorial Modules Provide extensions to the kernel Device Drivers File Systems Extra Functionality int init_module() {.. do initialization stuff.... tell the kernel what
More informationRelease Notes for RasterMaster Release 14.11/19.11
Release Notes for RasterMaster Release 14.11/19.11 March 6, 2018 Important Notes JRE 1.6 support ended with RM 14.10/19.10 except for special arrangements. RM 14.11/19.11 is built against JRE 1.7. Any
More informationA Short Introduction to PDF
A Short Introduction to PDF Peter Fischer, ZITI, Uni Heidelberg 1 pdf vs. Postscript pdf describes graphics, text & document structure It uses vector graphics, very similar to postscript Some differences
More informationData Storage and Query Answering. Data Storage and Disk Structure (4)
Data Storage and Query Answering Data Storage and Disk Structure (4) Introduction We have introduced secondary storage devices, in particular disks. Disks use blocks as basic units of transfer and storage.
More informationCS 31: Intro to Systems Pointers and Memory. Martin Gagne Swarthmore College February 16, 2016
CS 31: Intro to Systems Pointers and Memory Martin Gagne Swarthmore College February 16, 2016 So we declared a pointer How do we make it point to something? 1. Assign it the address of an existing variable
More informationCS 31: Intro to Systems Pointers and Memory. Kevin Webb Swarthmore College October 2, 2018
CS 31: Intro to Systems Pointers and Memory Kevin Webb Swarthmore College October 2, 2018 Overview How to reference the location of a variable in memory Where variables are placed in memory How to make
More informationPDF. Applying File Structure Inspection to Detecting Malicious PDF Files. Received: November 18, 2013, Accepted: July 11, 2014
PDF 1,a) 2,b) 2 2013 11 18, 2014 7 11 MS Rich Text Compound File Binary PDF PDF PDF PDF 164 99.4% PDF Applying File Structure Inspection to Detecting Malicious PDF Files Yuhei Otsubo 1,a) Mamoru Mimura
More informationIntroduction to Java https://tinyurl.com/y7bvpa9z
Introduction to Java https://tinyurl.com/y7bvpa9z Eric Newhall - Laurence Meyers Team 2849 Alumni Java Object-Oriented Compiled Garbage-Collected WORA - Write Once, Run Anywhere IDE Integrated Development
More informationa Digital Preservation Coalition online event Preserving Documents Forever: When is a PDF not a PDF? PDF: Myths vs Facts
a Digital Preservation Coalition online event Preserving Documents Forever: When is a PDF not a PDF? PDF: Myths vs Facts Ange Albertini Oxford University, 15th July 2015 Ange Albertini reverse engineering
More informationCS102: Standard I/O. %<flag(s)><width><precision><size>conversion-code
CS102: Standard I/O Our next topic is standard input and standard output in C. The adjective "standard" when applied to "input" or "output" could be interpreted to mean "default". Typically, standard output
More informationSystem Security Class Notes 09/23/2013
System Security Class Notes 09/23/2013 1 Format String Exploits a Format String bugs The printf family consists of functions with variable arguments i printf (char* format, ) ii sprint (char* dest, char*
More informationLecture Topics. Administrivia
ECE498SL Lec. Notes L8PA Lecture Topics overloading pitfalls of overloading & conversions matching an overloaded call miscellany new & delete variable declarations extensibility: philosophy vs. reality
More informationCSci 4061 Introduction to Operating Systems. Input/Output: High-level
CSci 4061 Introduction to Operating Systems Input/Output: High-level I/O Topics First, cover high-level I/O Next, talk about low-level device I/O I/O not part of the C language! High-level I/O Hide device
More informationExploiting Computational Slack in Protocol Grammars
Exploiting Computational Slack in Protocol Grammars Meredith L. Patterson Independent Researcher Len Sassaman K.U. Leuven ESAT-COSIC / The Shmoo Group PH-Neutral 0x7da 29 May 2010 What This Talk Is Not
More informationRelease Notes for RasterMaster Release 14.12/19.12
Release Notes for RasterMaster Release 14.12/19.12 June 27, 2018 Table of Contents Important Notes Important Phone Numbers and Links New Features for RM 14.12/19.1 2 Closed/Fixed Issues for RM 14.12/19.1
More informationTable of contents. Zip Processor 3.0 DMXzone.com
Table of contents About Zip Processor 3.0... 2 Features In Detail... 3 Before you begin... 6 Installing the extension... 6 The Basics: Automatically Zip an Uploaded File and Download it... 7 Introduction...
More informationStorage and Indexing, Part I
Storage and Indexing, Part I Computer Science E-66 Harvard University David G. Sullivan, Ph.D. Accessing the Disk Data is arranged on disk in units called blocks. typically fairly large (e.g., 4K or 8K)
More informationSA30228 / CVE
Generated by Secunia 29 May, 2008 5 pages Table of Contents Introduction 2 Technical Details 2 Exploitation 4 Characteristics 4 Tested Versions 5 Fixed Versions 5 References 5 Generated by Secunia 29 May,
More informationStack Overflow COMP620
Stack Overflow COMP620 There are two kinds of people in America today: those who have experienced a foreign cyber attack and know it, and those who have experienced a foreign cyber attack and don t know
More informationSchool of Computer Science & Software Engineering The University of Western Australia. Mid-Semester Test September 2017
School of Computer Science & Software Engineering The University of Western Australia Mid-Semester Test September 2017 () This paper contains 1 section This paper contains: 8 pages (including this title
More informationBinghamton University. CS-211 Fall Syntax. What the Compiler needs to understand your program
Syntax What the Compiler needs to understand your program 1 Pre-Processing Any line that starts with # is a pre-processor directive Pre-processor consumes that entire line Possibly replacing it with other
More informationwe are here Page 1 Recall: How do we Hide I/O Latency? I/O & Storage Layers Recall: C Low level I/O
CS162 Operating Systems and Systems Programming Lecture 18 Systems October 30 th, 2017 Prof. Anthony D. Joseph http://cs162.eecs.berkeley.edu Recall: How do we Hide I/O Latency? Blocking Interface: Wait
More informationCSE/EEE 230 Computer Organization and Assembly Language
1 Instructions You may work in pairs with one partner on this assignment if you wish or you may work alone. If you work with a partner, only submit one file to Blackboard with both of your names in the
More informationLecture 15a Persistent Memory & Shared Pointers
Lecture 15a Persistent Memory & Shared Pointers Dec. 5 th, 2017 Jack Applin, Guest Lecturer 2017-12-04 CS253 Fall 2017 Jack Applin & Bruce Draper 1 Announcements PA9 is due today Recitation : extra help
More informationApplication security. Not so obvious vulnerabilities. Nicolas Grégoire / Agarri CERN
Application security Not so obvious vulnerabilities Nicolas Grégoire / Agarri CERN Outline PHP Laxism XML Risks Blacklist Evasion XSLT Madness $ Whoami Nicolas Grégoire / Agarri Founder 13 years of Infosec
More informationA Real Object File Format
A Real Object File Format Computer Science and Engineering College of Engineering The Ohio State University Lecture 28 Linking and Loading in Practice Real object files have multiple segments Text: read-only
More informationRequest for Comments: 913 September 1984
Network Working Group Request for Comments: 913 Mark K. Lottor MIT September 1984 STATUS OF THIS MEMO This RFC suggests a proposed protocol for the ARPA-Internet community, and requests discussion and
More information2SKILL. Variables Lesson 6. Remembering numbers (and other stuff)...
Remembering numbers (and other stuff)... Let s talk about one of the most important things in any programming language. It s called a variable. Don t let the name scare you. What it does is really simple.
More informationCompiler Construction D7011E
Compiler Construction D7011E Lecture 2: Lexical analysis Viktor Leijon Slides largely by Johan Nordlander with material generously provided by Mark P. Jones. 1 Basics of Lexical Analysis: 2 Some definitions:
More informationCS-220 Spring 2018 Test 1 Version A Feb. 28, Name:
CS-220 Spring 2018 Test 1 Version A Feb. 28, 2018 Name: 1. (10 points) For the following, Check T if the statement is true, the F if the statement is false. (a) T F : Every function definition in C must
More informationCS61, Fall 2012 Section 2 Notes
CS61, Fall 2012 Section 2 Notes (Week of 9/24-9/28) 0. Get source code for section [optional] 1: Variable Duration 2: Memory Errors Common Errors with memory and pointers Valgrind + GDB Common Memory Errors
More informationGoals for Today. CSE1030 Introduction to Computer Science II. CSE1030 Lecture #4. Review: Methods / Code
CSE1030 Introduction to Computer Science II Lecture #4 Non-Static Features of Java Classes II Goals for Today Goals: Theory: Introduction to Class Extension More (Non-Static) Parts of a Typical Class Practical:
More informationDAY 3. CS3600, Northeastern University. Alan Mislove
C BOOTCAMP DAY 3 CS3600, Northeastern University Slides adapted from Anandha Gopalan s CS132 course at Univ. of Pittsburgh and Pascal Meunier s course at Purdue Memory management 2 Memory management Two
More informationCaring for file formats. Ange Albertini Troopers 2016
Caring for file formats Ange Albertini Troopers 2016 TL;DR Attack surface with file formats is too big. Specs are useless (just a nice guide ), not representing reality. We can t deprecate formats because
More informationA heap, a stack, a bottle and a rack. Johan Montelius HT2017
Introduction A heap, a stack, a bottle and a rack. Johan Montelius HT2017 In this assignment you re going to investigate the layout of a process; where are the different areas located and which data structures
More informationHCA Tech Note 301: Using the CM15 with HCA and Windows 10
HCA Tech Note 301: Using the CM15 with HCA and Windows 10 NOTE: This technical note has been made obsolete by the discontinuation of support for the CM15. See the V15 release notes. In order to use the
More informationExploits and gdb. Tutorial 5
Exploits and gdb Tutorial 5 Exploits and gdb 1. Buffer Vulnerabilities 2. Code Injection 3. Integer Attacks 4. Advanced Exploitation 5. GNU Debugger (gdb) Buffer Vulnerabilities Basic Idea Overflow or
More informationCS 33. Introduction to C. Part 5. CS33 Intro to Computer Systems V 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.
CS 33 Introduction to C Part 5 CS33 Intro to Computer Systems V 1 Copyright 2017 Thomas W. Doeppner. All rights reserved. Basic Data Types int short char -2,147,483,648 2,147,483,647-32,768 32,767-128
More informationThe Magnificent Do. Paul M. Dorfman. SAS Consultant Jacksonville, FL
The Magnificent Do Paul M. Dorfman SAS Consultant Jacksonville, FL Q.: What is the DO statement in SAS NOT intended for? Doing all kinds of weird stuff with arrays Creating a perpetuum mobile Saving programming
More informationCS61 Section Notes. Section 5 (Fall 2011) Topics to be covered Common Memory Errors Dynamic Memory Allocation Assignment 3: Malloc
CS61 Section Notes Section 5 (Fall 2011) Topics to be covered Common Memory Errors Dynamic Memory Allocation Assignment 3: Malloc Common Memory Errors In lecture, we learned about several errors programmers
More informationwe are here I/O & Storage Layers Recall: C Low level I/O Recall: C Low Level Operations CS162 Operating Systems and Systems Programming Lecture 18
I/O & Storage Layers CS162 Operating Systems and Systems Programming Lecture 18 Systems April 2 nd, 2018 Profs. Anthony D. Joseph & Jonathan Ragan-Kelley http://cs162.eecs.berkeley.edu Application / Service
More informationThe type of all data used in a C (or C++) program must be specified
The type of all data used in a C (or C++) program must be specified A data type is a description of the data being represented That is, a set of possible values and a set of operations on those values
More informationCS162 - POINTERS. Lecture: Pointers and Dynamic Memory
CS162 - POINTERS Lecture: Pointers and Dynamic Memory What are pointers Why dynamically allocate memory How to dynamically allocate memory What about deallocation? Walk thru pointer exercises 1 CS162 -
More informationPRINCIPLES OF OPERATING SYSTEMS
PRINCIPLES OF OPERATING SYSTEMS Tutorial-1&2: C Review CPSC 457, Spring 2015 May 20-21, 2015 Department of Computer Science, University of Calgary Connecting to your VM Open a terminal (in your linux machine)
More informationCSE 12 Spring 2016 Week One, Lecture Two
CSE 12 Spring 2016 Week One, Lecture Two Homework One and Two: hw2: Discuss in section today - Introduction to C - Review of basic programming principles - Building from fgetc and fputc - Input and output
More informationDatabase Systems II. Record Organization
Database Systems II Record Organization CMPT 454, Simon Fraser University, Fall 2009, Martin Ester 75 Introduction We have introduced secondary storage devices, in particular disks. Disks use blocks as
More informationRCU. ò Walk through two system calls in some detail. ò Open and read. ò Too much code to cover all FS system calls. ò 3 Cases for a dentry:
Logical Diagram VFS, Continued Don Porter CSE 506 Binary Formats RCU Memory Management File System Memory Allocators System Calls Device Drivers Networking Threads User Today s Lecture Kernel Sync CPU
More informationVFS, Continued. Don Porter CSE 506
VFS, Continued Don Porter CSE 506 Logical Diagram Binary Formats Memory Allocators System Calls Threads User Today s Lecture Kernel RCU File System Networking Sync Memory Management Device Drivers CPU
More informationReview. Partitioning: Divide heap, use different strategies per heap Generational GC: Partition by age Most objects die young
Generational GC 1 Review Partitioning: Divide heap, use different strategies per heap Generational GC: Partition by age Most objects die young 2 Single-partition scanning Stack Heap Partition #1 Partition
More informationShould you know scanf and printf?
C-LANGUAGE INPUT & OUTPUT C-Language Output with printf Input with scanf and gets_s and Defensive Programming Copyright 2016 Dan McElroy Should you know scanf and printf? scanf is only useful in the C-language,
More informationlogistics: ROP assignment
bug-finding 1 logistics: ROP assignment 2 2013 memory safety landscape 3 2013 memory safety landscape 4 different design points memory safety most extreme disallow out of bounds usually even making out-of-bounds
More informationCS61C Machine Structures. Lecture 5 C Structs & Memory Mangement. 1/27/2006 John Wawrzynek. www-inst.eecs.berkeley.edu/~cs61c/
CS61C Machine Structures Lecture 5 C Structs & Memory Mangement 1/27/2006 John Wawrzynek (www.cs.berkeley.edu/~johnw) www-inst.eecs.berkeley.edu/~cs61c/ CS 61C L05 C Structs (1) C String Standard Functions
More informationProgramming Assignment 2
CS 122 Fall, 2004 Programming Assignment 2 New Mexico Tech Department of Computer Science Programming Assignment 2 CS122 Algorithms and Data Structures Due 11:00AM, Wednesday, October 13th, 2004 Objectives:
More informationWeek 9 Lecture 3. Binary Files. Week 9
Lecture 3 Binary Files 1 Reading and Writing Binary Files 2 Binary Files It is possible to write the contents of memory directly to a file. The bits need to be interpreted on input Possible to write out
More informationCS 451 Software Engineering Winter 2009
CS 451 Software Engineering Winter 2009 Yuanfang Cai Room 104, University Crossings 215.895.0298 yfcai@cs.drexel.edu 1 Software Testing Techniques FUNDAMENTALS The goal of testing is to find errors. A
More informationCS201 Lecture 2 GDB, The C Library
CS201 Lecture 2 GDB, The C Library RAOUL RIVAS PORTLAND STATE UNIVERSITY Announcements 2 Multidimensional Dynamically Allocated Arrays Direct access support. Same as Multidimensional Static Arrays No direct
More informationRecitation 7 Caches and Blocking. 9 October 2017
15-213 Recitation 7 Caches and Blocking 9 October 2017 Agenda Reminders Revisiting Cache Lab Caching Review Blocking to reduce cache misses Cache alignment Reminders Cache Lab is due Thursday! Exam1 is
More informationPrinceton University. Computer Science 217: Introduction to Programming Systems. Dynamic Memory Management
Princeton University Computer Science 217: Introduction to Programming Systems Dynamic Memory Management 1 Agenda The need for DMM DMM using the heap section DMMgr 1: Minimal implementation DMMgr 2: Pad
More informationCPSC 213. Introduction to Computer Systems. Procedures and the Stack. Unit 1e
CPSC 213 Introduction to Computer Systems Unit 1e Procedures and the Stack 1 Reading Companion 2.8 Textbook Procedures, Out-of-Bounds Memory References and Buffer Overflows 3.7, 3.12 2 Local Variables
More information5/29/2006. Announcements. Last Time. Today. Text File I/O Sample Programs. The File Class. Without using FileReader. Reviewed method overloading.
Last Time Reviewed method overloading. A few useful Java classes: Other handy System class methods Wrapper classes String class StringTokenizer class Assn 3 posted. Announcements Final on June 14 or 15?
More informationParser Combinators 11/3/2003 IPT, ICS 1
Parser Combinators 11/3/2003 IPT, ICS 1 Parser combinator library Similar to those from Grammars & Parsing But more efficient, self-analysing error recovery 11/3/2003 IPT, ICS 2 Basic combinators Similar
More informationPortable Document Format (PDF): Security Analysis and Malware Threats
Portable Document Format (PDF): Security Analysis and Malware Threats Alexandre Blonce Eric Filiol (speaker) efiliol@esat.terre.defense.gouv.fr Laurent Frayssignes French Army Signals Academy (ESAT) Virology
More information,879 B FAT #1 FAT #2 root directory data. Figure 1: Disk layout for a 1.44 Mb DOS diskette. B is the boot sector.
Homework 11 Spring 2012 File Systems: Part 2 MAT 4970 April 18, 2012 Background To complete this assignment, you need to know how directories and files are stored on a 1.44 Mb diskette, formatted for DOS/Windows.
More informationData Blocks: Hybrid OLTP and OLAP on compressed storage
Data Blocks: Hybrid OLTP and OLAP on compressed storage Ben Brümmer Technische Universität München Fürstenfeldbruck, 26. November 208 Ben Brümmer 26..8 Lehrstuhl für Datenbanksysteme Problem HDD/Archive/Tape-Storage
More informationTriggering Deep Vulnerabilities Using Symbolic Execution
Triggering Deep Vulnerabilities Using Symbolic Execution Dan Caselden, Alex Bazhanyuk, Mathias Payer, Stephen McCamant, Dawn Song, and many other awesome researchers, coders, and reverse engineers in the
More informationUsing the Signature Editor
CHAPTER 12 Revised: December 14, 2011, Introduction This module describes the Signature Editor tool and how to use it to create and modify Dynamic Signature Script (DSS) files. The Signature Editor tool
More informationHomework #2 Think in C, Write in Assembly
Homework #2 Think in C, Write in Assembly Assigned: Friday 06 Sep 2013 Due: Monday 16 Sep 2013 (by 23:59:59) Converting C to MIPS Assembly For each block of C code below, convert it into an equivalent
More informationAuto Upgrade. Auto upgrade - Network Method
Auto Upgrade This section provides procedures on how to upgrade your generator using the auto upgrade feature. Note that there are also procedures for manually upgrading your 880 series generator, refer
More informationDefeat Exploit Mitigation Heap Attacks. compass-security.com 1
Defeat Exploit Mitigation Heap Attacks compass-security.com 1 ASCII Armor Arbitrary Write Overflow Local Vars Exploit Mitigations Stack Canary ASLR PIE Heap Overflows Brute Force Partial RIP Overwrite
More informationCSC 438 Systems and Software Security, Spring 2014 Instructor: Dr. Natarajan Meghanathan Question Bank for Module 6: Software Security Attacks
CSC 438 Systems and Software Security, Spring 2014 Instructor: Dr. Natarajan Meghanathan Question Bank for Module 6: Software Security Attacks 1) What will be the output of the following C program when
More informationHow to use ISaGRAF functions to read multiple strings from a file?
Author Janice Hong Version 1.0.0 Date Feb. 2014 Page 1 / 10 How to use ISaGRAF functions to read multiple strings from a file? This FAQ-172 provides an ISaGRAF demo program to show the way to use the MSGARY_R(addr)
More informationG52CPP C++ Programming Lecture 3. Dr Jason Atkin
G52CPP C++ Programming Lecture 3 Dr Jason Atkin E-Mail: jaa@cs.nott.ac.uk 1 Revision so far C/C++ designed for speed, Java for catching errors Java hides a lot of the details (so can C++) Much of C, C++
More informationCS61C : Machine Structures
inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture 5 C Memory Management Lecturer PSOE Dan Garcia www.cs.berkeley.edu/~ddgarcia CS61C L05 C Structures, Memory Management (1) 2005-01-28 The
More informationPatterns for object creation
Persistence Patterns for object creation class Thing public: static Thing* create(const char* afile); ~Thing(); private: } Thing(); bool init(const char* afile); Patterns for object creation Thing* Thing::create(const
More informationCSE 12 Spring 2018 Week One, Lecture Two
CSE 12 Spring 2018 Week One, Lecture Two Homework One and Two: - Introduction to C - Review of basic programming principles - Building from fgetc and fputc - Input and output strings and numbers - Introduction
More informationName: uteid: 1. CS439H: Fall 2011 Midterm 1
Name: uteid: 1 Instructions CS439H: Fall 2011 Midterm 1 Stop writing when time is announced at the end of the exam. I will leave the room as soon as I ve given people a fair chance to bring me the exams.
More information[2:3] Linked Lists, Stacks, Queues
[2:3] Linked Lists, Stacks, Queues Helpful Knowledge CS308 Abstract data structures vs concrete data types CS250 Memory management (stack) Pointers CS230 Modular Arithmetic !!!!! There s a lot of slides,
More informationCS/COE 1501
CS/COE 1501 www.cs.pitt.edu/~nlf4/cs1501/ Compression What is compression? Represent the same data using less storage space Can get more use out a disk of a given size Can get more use out of memory E.g.,
More informationThe SECURE Project and GCC
The SECURE Project and GCC Security Enhancing Compilers for Use in Real-world Environments Speaker: Graham Markall graham.markall@embecosm.com Contributors: Jeremy Bennett, Craig Blackmore, Simon Cook,
More informationTMQL issues. October 14, slide 1
TMQL issues October 14, 2007 http://www.isotopicmaps.org slide 1 Support for transitive closures We think TMQL needs to support transitive closures on query expressions Something like root-node (
More informationALTER TABLE Improvements in MARIADB Server. Marko Mäkelä Lead Developer InnoDB MariaDB Corporation
ALTER TABLE Improvements in MARIADB Server Marko Mäkelä Lead Developer InnoDB MariaDB Corporation Generic ALTER TABLE in MariaDB CREATE TABLE ; INSERT SELECT; RENAME ; DROP TABLE ; Retroactively named
More informationCS61C Machine Structures. Lecture 4 C Structs & Memory Management. 9/5/2007 John Wawrzynek. www-inst.eecs.berkeley.edu/~cs61c/
CS61C Machine Structures Lecture 4 C Structs & Memory Management 9/5/2007 John Wawrzynek (www.cs.berkeley.edu/~johnw) www-inst.eecs.berkeley.edu/~cs61c/ CS 61C L04 C Structs (1) C String Standard Functions
More informationThe name of our class will be Yo. Type that in where it says Class Name. Don t hit the OK button yet.
Mr G s Java Jive #2: Yo! Our First Program With this handout you ll write your first program, which we ll call Yo. Programs, Classes, and Objects, Oh My! People regularly refer to Java as a language that
More informationASCII American Standard Code for Information Interchange. Text file is a sequence of binary digits which represent the codes for each character.
Project 2 1 P2-0: Text Files All files are represented as binary digits including text files Each character is represented by an integer code ASCII American Standard Code for Information Interchange Text
More informationBluepoint AIS File Export PS_BPAIS Application 13352
Bluepoint AIS File Export PS_BPAIS Application 13352 Bluepoint AIS File Export 2011-2014 Fiserv, Inc. or its affiliates. All rights reserved. This work is confidential and its use is strictly limited.
More informationMPATE-GE 2618: C Programming for Music Technology. Unit 4.1
MPATE-GE 2618: C Programming for Music Technology Unit 4.1 Memory Memory in the computer can be thought of as a long string of consecutive bytes. Each byte has a corresponding address. When we declare
More informationInstantiation of Template class
Class Templates Templates are like advanced macros. They are useful for building new classes that depend on already existing user defined classes or built-in types. Example: stack of int or stack of double
More informationCSE 374 Final Exam Sample Solution 3/17/11
Question 1. (12 points) (testing) In Homework 5, many solutions included a function to add or insert a new word into the trie, creating appropriate strings and nodes as needed (something like insert(char
More informationParsing and Pattern Recognition
Topics in IT 1 Parsing and Pattern Recognition Week 10 Lexical analysis College of Information Science and Engineering Ritsumeikan University 1 this week mid-term evaluation review lexical analysis its
More informationThe output will be: marks all or nothing. 1 #include <stdio.h> 2 main() { 3 int i; int j; 4 int *p; int *q; 6 p = &i; 7 q = &j; 8 i = 1;
p. 2 of 9 Q1. [5 marks] The following program compiles and runs with no problems. Indicate what the output of the program is going to be (no explanation necessary). 1 #include 2 main() { 3 int
More informationFiles and Streams Opening and Closing a File Reading/Writing Text Reading/Writing Raw Data Random Access Files. C File Processing CS 2060
CS 2060 Files and Streams Files are used for long-term storage of data (on a hard drive rather than in memory). Files and Streams Files are used for long-term storage of data (on a hard drive rather than
More informationCSE 333 Midterm Exam July 24, Name UW ID#
Name UW ID# There are 6 questions worth a total of 100 points. Please budget your time so you get to all of the questions. Keep your answers brief and to the point. The exam is closed book, closed notes,
More informationPost exploitation techniques on OSX and Iphone. Vincenzo Iozzo
Post exploitation techniques on OSX and Iphone Vincenzo Iozzo vincenzo.iozzo@zynamics.com Who I am Student at Politecnico di Milano Security Consultant at Secure Network srl Reverse Engineer at zynamics
More informationCache Lab Implementation and Blocking
Cache Lab Implementation and Blocking Lou Clark February 24 th, 2014 1 Welcome to the World of Pointers! 2 Class Schedule Cache Lab Due Thursday. Start soon if you haven t yet! Exam Soon! Start doing practice
More informationFinal assignment: Hash map
Final assignment: Hash map 1 Introduction In this final assignment you will implement a hash map 1. A hash map is a data structure that associates a key with a value (a chunk of data). Most hash maps are
More information