Meaningful Variable Names for Decompiled Code: A Machine Translation Approach
|
|
- Abner Nichols
- 5 years ago
- Views:
Transcription
1 Meaningful Variable Names for Decompiled Code: A Machine Translation Approach Alan Jaffe, Jeremy Lacomis, Edward J. Schwartz*, Claire Le Goues, and Bogdan Vasilescu *
2 Problem: Obfuscated Variable Names in Code Minified JavaScript: function callback(error, response, body) { if (!error && response.statuscode == 200) { var info = JSON.parse(body); function callback(o, s, a) { if (!o && s.statuscode == 200) { var c = JSON.parse(a); 2
3 Problem: Obfuscated Variable Names in Code Minified JavaScript: function callback(error, response, body) { if (!error && response.statuscode == 200) { var info = JSON.parse(body); function callback(o, s, a) { if (!o && s.statuscode == 200) { var c = JSON.parse(a); 3
4 Problem: Obfuscated Variable Names in Code Minified JavaScript: function callback(error, response, body) { if (!error && response.statuscode == 200) { var info = JSON.parse(body); function callback(o, s, a) { if (!o && s.statuscode == 200) { var c = JSON.parse(a); Decompiled C Code: cp = buf; (void)asxtab(level + 1); for (n = asncontents(asn, buf, 512); n > 0; n--) { printf(" %02X ", *(cp++)); v14 = &v15; asxtab(a2 + 1); for (v13 = asncontents(a1, &v15, 512LL); v13 > 0; --v13) { v9 = (unsignedchar*)(v14++); printf(" %02X ", *v9); 4
5 Problem: Obfuscated Variable Names in Code Minified JavaScript: function callback(error, response, body) { if (!error && response.statuscode == 200) { var info = JSON.parse(body); function callback(o, s, a) { if (!o && s.statuscode == 200) { var c = JSON.parse(a); Decompiled C Code: cp = buf; (void)asxtab(level + 1); for (n = asncontents(asn, buf, 512); n > 0; n--) { printf(" %02X ", *(cp++)); v14 = &v15; asxtab(a2 + 1); for (v13 = asncontents(a1, &v15, 512LL); v13 > 0; --v13) { v9 = (unsignedchar*)(v14++); printf(" %02X ", *v9); 5
6 Problem: Obfuscated Variable Names in Code Minified JavaScript: function callback(error, response, body) { if (!error && response.statuscode == 200) { var info = JSON.parse(body); function callback(o, s, a) { if (!o && s.statuscode == 200) { var c = JSON.parse(a); Software is natural [Hindle et al., 2011]. 6
7 Problem: Obfuscated Variable Names in Code Minified JavaScript: function callback(error, response, body) { if (!error && response.statuscode == 200) { var info = JSON.parse(body); function callback(o, s, a) { if (!o && s.statuscode == 200) { var c = JSON.parse(a); Software is natural [Hindle et al., 2011]. Use large corpora + machine learning to predict better identifier names. Corpora are easy to generate! 7
8 Problem: Obfuscated Variable Names in Code Minified JavaScript: function callback(error, response, body) { if (!error && response.statuscode == 200) { var info = JSON.parse(body); function callback(o, s, a) { if (!o && s.statuscode == 200) { var c = JSON.parse(a); Software is natural [Hindle et al., 2011]. Use large corpora + machine learning to predict better identifier names. Corpora are easy to generate! Bavishi et al., Context2Name, 2017 Vasilescu et al., JSNaughty, 2017 Raychev et al., JSNice,
9 Problem: Obfuscated Variable Names in Code Can we use similar strategies for decompiled code? Decompiled C Code: cp = buf; (void)asxtab(level + 1); for (n = asncontents(asn, buf, 512); n > 0; n--) { printf(" %02X ", *(cp++)); v14 = &v15; asxtab(a2 + 1); for (v13 = asncontents(a1, &v15, 512LL); v13 > 0; --v13) { v9 = (unsignedchar*)(v14++); printf(" %02X ", *v9); 9
10 Statistical Machine Translation (SMT) Noisy channel model 10
11 Statistical Machine Translation (SMT) Noisy channel model English à French: 11
12 Statistical Machine Translation (SMT) Noisy channel model English à French: Go do some research! Va faire de la recherche! 12
13 Statistical Machine Translation (SMT) Noisy channel model English à French: Go do some research! Va faire de la recherche!!"#$!% & ( ) *) 13
14 Statistical Machine Translation (SMT) Noisy channel model English à French: Go do some research! Va faire de la recherche! "#$%"& ' ) + *) ) * +) )(+) = "#$%"& ' )(*) = "#$%"& ' ) * +) )(+) 14
15 Statistical Machine Translation (SMT) Noisy channel model English à French: Go do some research! Va faire de la recherche! "#$%"& ' ) + *) ) * +) )(+) = "#$%"& ' )(*) = "#$%"& ' ) * +) )(+) Translation Model: Probability that f is a translation of e 15
16 Statistical Machine Translation (SMT) Noisy channel model English à French: Go do some research! Va faire de la recherche! "#$%"& ' ) + *) ) * +) )(+) = "#$%"& ' )(*) = "#$%"& ' ) * +) )(+) Language Model: Fluency of e 16
17 Statistical Machine Translation (SMT) Noisy channel model English à French: Go do some research! Va faire de la recherche! "#$%"& ' ) + *) ) * +) )(+) = "#$%"& ' )(*) = "#$%"& ' ) * +) )(+) ) * +): Translation Model )(+): Language Model MOSES SMT: 17
18 SMT Model for Natural Language Aligned French/English corpus English corpus 18
19 SMT Model for Minified JavaScript Aligned original/minified source corpus Original source corpus 19
20 Problem: Obfuscated Identifiers in Code Can we use SMT for decompiled code? Decompiled C Code: cp = buf; (void)asxtab(level + 1); for (n = asncontents(asn, buf, 512); n > 0; n--) { printf(" %02X ", *(cp++)); v14 = &v15; asxtab(a2 + 1); for (v13 = asncontents(a1, &v15, 512LL); v13 > 0; --v13) { v9 = (unsignedchar*)(v14++); printf(" %02X ", *v9); 21
21 SMT Model for Decompiled Code? Aligned original/decompiled source corpus Original source corpus 22
22 SMT Model for Decompiled Code? Nontrivial Aligned original/decompiled source corpus Original source corpus 23
23 Difficulty: Decompilation Changes Structure Original Source int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; 24
24 Difficulty: Decompilation Changes Structure 9 Lines Original Source 8 Lines int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; Different line count. 25
25 Difficulty: Decompilation Changes Structure Original Source int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; Different line count. Different numbers of variables. 26
26 Difficulty: Decompilation Changes Structure Original Source int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; Different line count. Different numbers of variables. Different types of loops. 27
27 Decompiled Code Corpus Generation Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; 28
28 Decompiled Code Corpus Generation Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Original Code 29
29 Decompiled Code Corpus Generation Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Original Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; 30
30 Decompiled Code Corpus Generation Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Original Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; 31
31 Decompiled Code Corpus Generation Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Original Code int v1 = 0; int ; for ( = 0; < 10; ++ ) printf("%d\n", ); return v1; 32
32 Decompiled Code Corpus Generation Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Original Code int v1 = 0; int cur; for (cur = 0; cur < 10; ++cur) printf("%d\n", cur); return v1; Renamed Decompiled Code 33
33 Better SMT Model for Decompiled Code Aligned renamed/decompiled source corpus Renamed source corpus 36
34 Choosing Renamings Original Code int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; 37
35 Choosing Renamings Original Code int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; 38
36 Choosing Renamings Original Code int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; Not used as the return value. 39
37 Choosing Renamings Original Code int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; Not used as the return value. Used inside of a loop. 40
38 Choosing Renamings Original Code int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; Not used as the return value. Used inside of a loop. Used in a function call. 41
39 Choosing Renamings Original Code int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int v2; for (v2 = 0; v2 < 10; ++v2) printf("%d\n", v2); return v1; Not used as the return value. Used inside of a loop. Used in a function call. Same operations. 42
40 Choosing Renamings Original Code int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int ; for ( = 0; < 10; ++ ) printf("%d\n", ); return v1; Not used as the return value. Used inside of a loop. Used in a function call. Same operations. 43
41 Choosing Renamings Original Code int cur = 0; while (cur <= 9) { printf("%d\n", cur); ++cur; return 0; Decompiled Code int v1 = 0; int cur; for (cur = 0; cur < 10; ++cur) printf("%d\n", cur); return v1; Not used as the return value. Used inside of a loop. Used in a function call. Same operations. 44
42 System Architecture 45
43 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) 46
44 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Decompiled my_rc base2_string(base2_handle a1, char* a2, size_t a3) 47
45 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Decompiled my_rc base2_string(base2_handle a1, char* a2, size_t a3) Renamed Decompiled my_rc base2_string(base2_handle base2_h, char* buf, size_t len) 48
46 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Renamed Decompiled my_rc base2_string(base2_handle base2_h, char* buf, size_t len) 49
47 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Renamed Decompiled my_rc base2_string(base2_handle base2_h, char* buf, size_t len) Exact 50
48 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Renamed Decompiled my_rc base2_string(base2_handle base2_h, char* buf, size_t len) Approx 51
49 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Renamed Decompiled Not a match my_rc base2_string(base2_handle base2_h, char* buf, size_t len) 52
50 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Renamed Decompiled my_rc base2_string(base2_handle base2_h, char* buf, size_t len) 12.7% Exact 16.2% Exact + Approx 53
51 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Renamed Decompiled Not a match my_rc base2_string(base2_handle base2_h, char* buf, size_t len) 12.7% Exact 16.2% Exact + Approx 54
52 Results and Evaluation Original my_rc base2_string(base2_handle base2_h, char* buffer, size_t buffer_size) Decompiled my_rc base2_string(base2_handle a1, char* a2, size_t a3) Renamed Decompiled my_rc base2_string(base2_handle base2_h, char* buf, size_t len) 12.7% Exact 16.2% Exact + Approx 55
53 Preliminary Investigation: Human Study Presented users with short snippets (<50 lines) of decompiled code, asked to perform various maintenance tasks, graded and timed: 56
54 Preliminary Investigation: Human Study Presented users with short snippets (<50 lines) of decompiled code, asked to perform various maintenance tasks, graded and timed: 1 int x = 1; 2 int y = 0; 3 while (x <= 5) { 4 y += 2; 5 x += 1; 6 7 printf("%d", y); - What is the value of the variable y on line 7? 57
55 Preliminary Investigation: Human Study Presented users with short snippets (<50 lines) of decompiled code, asked to perform various maintenance tasks, graded and timed: 1 int x = 1; 2 int y = 0; 3 while (x <= 5) { 4 y += 2; 5 x += 1; 6 7 printf("%d", y); - What is the value of the variable y on line 7? For correct answers, the time to answer using our renamings was statistically significantly lower than when using the decompiler names. 58
56 Conclusion Questions? Suggestions? System Architecture 45 59
Meaningful Variable Names for Decompiled Code: A Machine Translation Approach
A Machine Translation Approach Alan Jaffe Carnegie Mellon University apjaffe@andrew.cmu.edu Jeremy Lacomis Carnegie Mellon University jlacomis@cmu.edu Edward J. Schwartz Carnegie Mellon University Software
More informationRecovering Clear, Natural Identifiers from Obfuscated (JavaScript) Names
Bogdan Vasilescu (CMU, ISR) @b_vasilescu Casey Casalnuovo (UCDavis) Prem Devanbu (UCDavis) @devanbu Recovering Clear, Natural Identifiers from Obfuscated (JavaScript) Names @b_vasilescu Today var geom2d
More informationCSE 220: Systems Programming
CSE 220: Systems Programming Pointers and Data Representation Ethan Blanton Department of Computer Science and Engineering University at Buffalo More on void Pointers Void pointers are powerful for raw
More informationAdministrivia. Introduction to Computer Systems. Pointers, cont. Pointer example, again POINTERS. Project 2 posted, due October 6
CMSC 313 Introduction to Computer Systems Lecture 8 Pointers, cont. Alan Sussman als@cs.umd.edu Administrivia Project 2 posted, due October 6 public tests s posted Quiz on Wed. in discussion up to pointers
More informationECE 264 Exam 2. 6:30-7:30PM, March 9, You must sign here. Otherwise you will receive a 1-point penalty.
ECE 264 Exam 2 6:30-7:30PM, March 9, 2011 I certify that I will not receive nor provide aid to any other student for this exam. Signature: You must sign here. Otherwise you will receive a 1-point penalty.
More informationParameter passing. Programming in C. Important. Parameter passing... C implements call-by-value parameter passing. UVic SEng 265
Parameter passing Programming in C UVic SEng 265 Daniel M. German Department of Computer Science University of Victoria 1 SEng 265 dmgerman@uvic.ca C implements call-by-value parameter passing int a =
More informationEXAM (Tentamen) TDDI11 Embedded Software. Good Luck! :00-12:00. On-call (jour): Admitted material: General instructions:
On-call (jour): Mikael Asplund, 013-282668 EXAM (Tentamen) TDDI11 Embedded Software 2016-08-17 08:00-12:00 Admitted material: Dictionary from English to your native language General instructions: The assignments
More informationCS 33. Architecture and the OS. CS33 Intro to Computer Systems XIX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.
CS 33 Architecture and the OS CS33 Intro to Computer Systems XIX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved. The Operating System My Program Mary s Program Bob s Program OS CS33 Intro to
More informationCS 33. Introduction to C. Part 5. CS33 Intro to Computer Systems V 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.
CS 33 Introduction to C Part 5 CS33 Intro to Computer Systems V 1 Copyright 2017 Thomas W. Doeppner. All rights reserved. Basic Data Types int short char -2,147,483,648 2,147,483,647-32,768 32,767-128
More information1 SAT-DANCE-HEULE INTRO 1
1 SAT-DANCE-HEULE INTRO 1 May 19, 2018 at 02:31 1. Intro. Given an exact cover problem, presented on stdin in the format used by DANCE, we generate clauses for an equivalent satisfiability problem in the
More information16.216: ECE Application Programming Fall 2011
16.216: ECE Application Programming Fall 2011 Exam 2 Solution 1. (24 points, 6 points per part) Multiple choice For each of the multiple choice questions below, clearly indicate your response by circling
More informationCS 33. Architecture and the OS. CS33 Intro to Computer Systems XIX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.
CS 33 Architecture and the OS CS33 Intro to Computer Systems XIX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved. The Operating System My Program Mary s Program Bob s Program OS CS33 Intro to
More informationEECE.2160: ECE Application Programming Spring 2018
EECE.2160: ECE Application Programming Spring 2018 1. (46 points) C input/output; operators Exam 1 Solution a. (13 points) Show the output of the short program below exactly as it will appear on the screen.
More informationLinked data structures. EECS 211 Winter 2019
Linked data structures EECS 211 Winter 2019 2 Initial code setup $ cd eecs211 $ curl $URL211/lec/07linked.tgz tar zx $ cd 07linked Preliminaries 3 4 Two views on malloc and free The client/c view: malloc(n)
More informationCS 288: Statistical NLP Assignment 1: Language Modeling
CS 288: Statistical NLP Assignment 1: Language Modeling Due September 12, 2014 Collaboration Policy You are allowed to discuss the assignment with other students and collaborate on developing algorithms
More informationIntroduction to Programming in Turing. Input, Output, and Variables
Introduction to Programming in Turing Input, Output, and Variables The IPO Model The most basic model for a computer system is the Input-Processing-Output (IPO) Model. In order to interact with the computer
More informationQ1: Functions / 33 Q2: Arrays / 47 Q3: Multiple choice / 20 TOTAL SCORE / 100 Q4: EXTRA CREDIT / 10
EECE.2160: ECE Application Programming Spring 2018 Exam 2 March 30, 2018 Name: Lecture time (circle 1): 8-8:50 (Sec. 201) 12-12:50 (Sec. 202) For this exam, you may use only one 8.5 x 11 double-sided page
More informationLearning Programs from Noisy Data
Learning Programs from Noisy Data Veselin Raychev Pavol Bielik Martin Vechev Andreas Krause ETH Zurich Why learn programs from examples? Input/output examples often easier to provide examples than specification
More information... Lecture 12. Pointers
Copyright 1996 David R. Hanson Computer Science 126, Fall 1996 12-1 Lecture 12. Pointers Variables denote locations in memory that can hold values; arrays denote contiguous locations int i = 8, sum = -456;
More informationCPS 310 midterm exam #1, 2/17/2017
CPS 310 midterm exam #1, 2/17/2017 Your name please: NetID: Sign for your honor: Answer all questions. Please attempt to confine your answers to the boxes provided. If you don t know the answer to a question,
More informationEECE.2160: ECE Application Programming Fall 2017 Exam 3 December 16, 2017
EECE.2160: ECE Application Programming Fall 2017 Exam 3 December 16, 2017 Name: Lecture time (circle 1): 8-8:50 (Sec. 201) 12-12:50 (Sec. 203) 1-1:50 (Sec. 202) For this exam, you may use only one 8.5
More informationRecovering Clear, Natural Identifiers from Obfuscated JS Names
Recovering Clear, Natural Identifiers from Obfuscated JS Names Bogdan Vasilescu School of Computer Science Carnegie Mellon University, USA vasilescu@cmu.edu Casey Casalnuovo Computer Science Department
More informationUse a calculator and c = 2 π r to calculate the circumference of a circle with a radius of 1.0.
Floating Point Math Submitted by Andy Lindsay on Thu, 03/21/2013-16:37 original source: http://learn.parallax.com/propeller-c-start-simple/floating-point-math Lesson edited to work with Dev-C++ IDE by
More informationMEMORY SAFETY ATTACKS & DEFENSES
MEMORY SAFETY ATTACKS & DEFENSES CMSC 414 FEB 06 2018 void safe() { char buf[80]; fgets(buf, 80, stdin); void safer() { char buf[80]; fgets(buf, sizeof(buf), stdin); void safe() { char buf[80]; fgets(buf,
More informationCOMP 2355 Introduction to Systems Programming
COMP 2355 Introduction to Systems Programming Christian Grothoff christian@grothoff.org http://grothoff.org/christian/ 1 Pointers Pointers denote addresses in memory In C types, the * represents the use
More informationUniversity of Maryland College Park Dept of Computer Science CMSC106 Fall 2016 Midterm I
University of Maryland College Park Dept of Computer Science CMSC106 Fall 2016 Midterm I Last Name (PRINT): First Name (PRINT): University Directory ID (e.g., umcpturtle) I pledge on my honor that I have
More informationWelcome! COMP s1. Programming Fundamentals
Welcome! 0 COMP1511 18s1 Programming Fundamentals COMP1511 18s1 Lecture 7 1 Strings Andrew Bennett chars arrays of chars strings 2 Before we begin introduce yourself to the
More informationWelcome! COMP s1 Lecture 7. COMP s1. Before we begin. Strings. Programming Fundamentals. Overview. Andrew Bennett
Welcome! COMP1511 18s1 Programming Fundamentals 0 COMP1511 18s1 Lecture 7 Strings Andrew Bennett 1 chars arrays of chars strings Before we begin 2 Overview after this lecture,
More informationREPAIRING PROGRAMS WITH SEMANTIC CODE SEARCH. Yalin Ke Kathryn T. Stolee Claire Le Goues Yuriy Brun
REPAIRING PROGRAMS WITH SEMANTIC CODE SEARCH Yalin Ke Kathryn T. Stolee Claire Le Goues Yuriy Brun Iowa State Iowa State Carnegie Mellon UMass Amherst 1 Input: buggy program, tests Output: fixed program
More informationOverflows, Injection, & Memory Safety
Overflows, Injection, & Memory Safety 1 Announcements... Computer Science 161 Fall 2018 Project 1 is now live! Due Friday September 14th Start it early: The add/drop deadline got reduced to September 12th
More informationTHE FUNDAMENTAL DATA TYPES
THE FUNDAMENTAL DATA TYPES Declarations, Expressions, and Assignments Variables and constants are the objects that a prog. manipulates. All variables must be declared before they can be used. #include
More informationCSE 333 Midterm Exam 2/12/16. Name UW ID#
Name UW ID# There are 6 questions worth a total of 100 points. Please budget your time so you get to all of the questions. Keep your answers brief and to the point. The exam is closed book, closed notes,
More informationFundamental of Programming (C)
Borrowed from lecturer notes by Omid Jafarinezhad Fundamental of Programming (C) Lecturer: Vahid Khodabakhshi Lecture 5 Structured Program Development Department of Computer Engineering How to develop
More informationBinary Representation. Decimal Representation. Hexadecimal Representation. Binary to Hexadecimal
Decimal Representation Binary Representation Can interpret decimal number 4705 as: 4 10 3 + 7 10 2 + 0 10 1 + 5 10 0 The base or radix is 10 Digits 0 9 Place values: 1000 100 10 1 10 3 10 2 10 1 10 0 Write
More informationDecimal Representation
Decimal Representation Can interpret decimal number 4705 as: 4 10 3 + 7 10 2 + 0 10 1 + 5 10 0 The base or radix is 10 Digits 0 9 Place values: 1000 100 10 1 10 3 10 2 10 1 10 0 Write number as 4705 10
More informationFundamentals of Programming
Fundamentals of Programming Lecture 5 - Structured Program Development Lecturer : Ebrahim Jahandar Borrowed from lecturer notes by Omid Jafarinezhad How to develop a program? Requirements Problem Analysis
More informationOutline. File Systems. File System Structure. CSCI 4061 Introduction to Operating Systems
Outline CSCI 4061 Introduction to Operating Systems Instructor: Abhishek Chandra File Systems Directories File and directory operations Inodes and metadata Links 2 File Systems An organized collection
More informationFundamentals of Programming
Fundamentals of Programming Lecture 4 Input & Output Lecturer : Ebrahim Jahandar Borrowed from lecturer notes by Omid Jafarinezhad Outline printf scanf putchar getchar getch getche Input and Output in
More informationIntroClassJava: A Benchmark of 297 Small and Buggy Java Programs
IntroClassJava: A Benchmark of 297 Small and Buggy Java Programs Thomas Durieux, Martin Monperrus To cite this version: Thomas Durieux, Martin Monperrus. IntroClassJava: A Benchmark of 297 Small and Buggy
More information16.216: ECE Application Programming Fall 2015 Exam 2 Solution
16.216: ECE Application Programming Fall 2015 Exam 2 Solution 1. (20 points, 5 points per part) Multiple choice For each of the multiple choice questions below, clearly indicate your response by circling
More informationFundamental of Programming (C)
Borrowed from lecturer notes by Omid Jafarinezhad Fundamental of Programming (C) Lecturer: Vahid Khodabakhshi CE 43 - Fall 97 Lecture 4 Input and Output Department of Computer Engineering Outline printf
More informationThis Document describes the API provided by the DVB-Multicast-Client library
DVB-Multicast-Client API-Specification Date: 17.07.2009 Version: 2.00 Author: Deti Fliegl This Document describes the API provided by the DVB-Multicast-Client library Receiver API Module
More informationSystem Security Class Notes 09/23/2013
System Security Class Notes 09/23/2013 1 Format String Exploits a Format String bugs The printf family consists of functions with variable arguments i printf (char* format, ) ii sprint (char* dest, char*
More informationC Pointers. CS 2060 Week 6. Prof. Jonathan Ventura
CS 2060 Week 6 1 Pointer Variables 2 Pass-by-reference 3 const pointers 4 Pointer arithmetic 5 sizeof 6 Arrays of pointers 7 Next Time Pointers The pointer is one of C s most powerful and important features.
More informationSOFTWARE Ph.D. Qualifying Exam Fall 2017
(i) (4 pts.) SOFTWARE Ph.D. Qualifying Exam Fall 2017 Consider the following C program. #include #define START 2 #define LIMIT 60 #define STEP 7 #define SIZE 3 int main(void) { int i = START,
More informationSystem LAV and Its Applications
Progress in Decision Procedures: From Formalizations to Applications Belgrade, March 30, 2013. Overview, Viktor Kuncak Development and Evaluation of : an SMT-Based Error Finding Platform. Verified Software:
More informationData Representation and Storage. Some definitions (in C)
Data Representation and Storage Learning Objectives Define the following terms (with respect to C): Object Declaration Definition Alias Fundamental type Derived type Use pointer arithmetic correctly Explain
More information(T) x. Casts. A cast converts the value held in variable x to type T
Several New Things 2 s complement representation of negative integers The data size flag in the conversion specification of printf Recast of &n to unsigned long to get the address 2 3 Casts (T) x A cast
More informationPROGMEM ESP8266EX RAM
PROGMEM ESP8266EX RAM 1.0 2017 Arduino IDE PROGMEM ESP8266EX RAM PROGMEM Flash 1 ESP8266EX PROGMEM 2 PROGMEM PROGMEM Flash 3 PROGMEM V1.0 1.... 1 1.1. ESP8266EX... 1 1.2. PROGMEM... 1 2. PROGMEM... 2 2.1.
More informationDecisions II. Switch Statement. If else allows a 2 way decision Switch allows for n-way decisions
Switch Statement If else allows a 2 way decision Switch allows for n-way decisions switch(variable){ case val1: statement; case val2: statement; case val3: statement; default: statement; variable must
More informationCGS 3460 Summer 07 Midterm Exam
Short Answer 3 Points Each 1. What would the unix command gcc somefile.c -o someotherfile.exe do? 2. Name two basic data types in C. 3. A pointer data type holds what piece of information? 4. This key
More informationFiles. Eric McCreath
Files Eric McCreath 2 What is a file? Information used by a computer system may be stored on a variety of storage mediums (magnetic disks, magnetic tapes, optical disks, flash disks etc). However, as a
More informationOverview of the 6th International Competition on Plagiarism Detection
Overview of the 6th International Competition on Plagiarism Detection Martin Potthast, Matthias Hagen, Anna Beyer, Matthias Busse, Martin Tippmann, and Benno Stein Bauhaus-Universität Weimar www.webis.de
More informationInteracting with Unix
Interacting with Unix Synopsis Getting the Process ID #include pid_t getpid(void); Example: #include #include int main(){ pid_t n = getpid(); printf("process id is %d\n",
More informationName Roll No. Section
Indian Institute of Technology, Kharagpur Computer Science and Engineering Department Class Test I, Autumn 2012-13 Programming & Data Structure (CS 11002) Full marks: 30 Feb 7, 2013 Time: 60 mins. Name
More information15-122: Principles of Imperative Computation, Spring Written Homework 12. Due: Sunday 15 th April, 2018 by 10pm. Name: Andrew ID: Section:
15-122: Principles of Imperative Computation, Spring 2018 Written Homework 12 Due: Sunday 15 th April, 2018 by 10pm Name: Andrew ID: Section: This written homework provides practice with C features such
More informationStorage class and Scope:
Algorithm = Logic + Control + Data Data structures and algorithms Data structures = Ways of systematically arranging information, both abstractly and concretely Algorithms = Methods for constructing, searching,
More informationEECE.2160: ECE Application Programming Fall 2017
EECE.2160: ECE Application Programming Fall 2017 1. (35 points) Functions Exam 2 Solution a. (15 points) Show the output of the short program below exactly as it will appear on the screen. Be sure to clearly
More informationQ1: Multiple choice / 20 Q2: C input/output; operators / 40 Q3: Conditional statements / 40 TOTAL SCORE / 100 EXTRA CREDIT / 10
16.216: ECE Application Programming Spring 2015 Exam 1 February 23, 2015 Name: ID #: For this exam, you may use only one 8.5 x 11 double-sided page of notes. All electronic devices (e.g., calculators,
More informationComputer System Architecture Quiz #2 April 5th, 2019
Computer System Architecture 6.823 Quiz #2 April 5th, 2019 Name: This is a closed book, closed notes exam. 80 Minutes 16 Pages (+2 Scratch) Notes: Not all questions are of equal difficulty, so look over
More informationPointers, Arrays, and Strings. CS449 Spring 2016
Pointers, Arrays, and Strings CS449 Spring 2016 Pointers Pointers are important. Pointers are fun! Pointers Every variable in your program has a memory location. This location can be accessed using & operator.
More informationEPITA S3 promo 2019 Programming - Machine Test
EPITA S3 promo 2019 Programming - Machine Test Marwan Burelle Friday, October 30 2015 Instructions: You must read the whole subject and all these instructions. Every explicit instructions in the subject
More informationCS 161 Computer Security
Paxson Spring 2017 CS 161 Computer Security Discussion 2 Question 1 Software Vulnerabilities (15 min) For the following code, assume an attacker can control the value of basket passed into eval basket.
More informationCOP 3223 Introduction to Programming with C - Study Union - Fall 2017
COP 3223 Introduction to Programming with C - Study Union - Fall 2017 Chris Marsh and Matthew Villegas Contents 1 Code Tracing 2 2 Pass by Value Functions 4 3 Statically Allocated Arrays 5 3.1 One Dimensional.................................
More informationCharacters, Character Strings, and string-manipulation functions in C
Characters, Character Strings, and string-manipulation functions in C see Kernighan & Ritchie Section 1.9, Appendix B3 Characters Printable characters (and some non-printable ones) are represented as 8-bit
More informationComputer 2 App1. App3 API Library. App3. API Library. Local Clipboard
System Programming (MEEC/MEAer) Project Assignment 2016/2017 In this project the students will implement a simple distributed clipboard. Applications can copy and past to/from the distributed clipboard
More informationString constants. /* Demo: string constant */ #include <stdio.h> int main() {
Strings 1 String constants 2 /* Demo: string constant */ #include s1.c int main() { printf("hi\n"); } String constants are in double quotes A backslash \ is used to include 'special' characters,
More informationSlide Set 2. for ENCM 335 in Fall Steve Norman, PhD, PEng
Slide Set 2 for ENCM 335 in Fall 2018 Steve Norman, PhD, PEng Electrical & Computer Engineering Schulich School of Engineering University of Calgary September 2018 ENCM 335 Fall 2018 Slide Set 2 slide
More information11 'e' 'x' 'e' 'm' 'p' 'l' 'i' 'f' 'i' 'e' 'd' bool equal(const unsigned char pstr[], const char *cstr) {
This document contains the questions and solutions to the CS107 midterm given in Spring 2016 by instructors Julie Zelenski and Michael Chang. This was an 80-minute exam. Midterm questions Problem 1: C-strings
More informationECE 250 / CS 250 Computer Architecture. C Programming
ECE 250 / CS 250 Computer Architecture C Programming Benjamin Lee Some slides based on those from Alvin Lebeck, Daniel Sorin, Andrew Hilton, Amir Roth, Gershon Kedem Outline Previously: Computer is a machine
More informationCSE 303, Winter 2007, Midterm Examination 9 February Please do not turn the page until everyone is ready.
CSE 303, Winter 2007, Midterm Examination 9 February 2007 Please do not turn the page until everyone is ready. Rules: The exam is closed-book, closed-note, except for one 8.5x11in piece of paper (both
More informationThis time. Defenses and other memory safety vulnerabilities. Everything you ve always wanted to know about gdb but were too afraid to ask
This time We will continue Buffer overflows By looking at Overflow Defenses and other memory safety vulnerabilities Everything you ve always wanted to know about gdb but were too afraid to ask Overflow
More informationMemory Allocation. General Questions
General Questions 1 Memory Allocation 1. Which header file should be included to use functions like malloc() and calloc()? A. memory.h B. stdlib.h C. string.h D. dos.h 2. What function should be used to
More informationChapter 3: Arrays and More C Functionality
Chapter 3: Arrays and More C Functionality Objectives: (a) Describe how an array is stored in memory. (b) Define a string, and describe how strings are stored. (c) Describe the implications of reading
More information16.216: ECE Application Programming Fall 2013
16.216: ECE Application Programming Fall 2013 Exam 1 Solution 1. (20 points, 5 points per part) Multiple choice For each of the multiple choice questions below, clearly indicate your response by circling
More informationComputer Hardware Engineering
2 Course Structure Computer Hardware ngineering IS1200, spring 2015 Lecture 4: The C Programming Language Continued Module 4: I/O Systems Module 1: Logic Design L DCÖ1 L DCÖ2 Lab:dicom L7 Module 2: C and
More informationComputer Hardware Engineering
Computer Hardware ngineering IS1200, spring 2015 Lecture 4: The C Programming Language Continued Associate Professor, KTH Royal Institute of Technology Assistant Research ngineer, University of California,
More informationPredicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning
Fakultät für Informatik Technische Universität München 26th USENIX Security Symposium Predicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning Sebastian Banescu
More informationSolutions to Assessment
Solutions to Assessment 1. In the bad character rule, what are the values of R(P) for the given pattern. CLICKINLINK (Please refer the lecture). Ans: a) C-1,K-10,N-9,I-8,L-2 b) C-1,K-10,N-9,I-8,L-7 c)
More informationECE 250 / CPS 250 Computer Architecture. C Programming
ECE 250 / CPS 250 Computer Architecture C Programming Benjamin Lee Slides based on those from Andrew Hilton (Duke), Alvy Lebeck (Duke) Benjamin Lee (Duke), and Amir Roth (Penn) Outline Previously:! Computer
More information1. The programming language C is more than 30 years old. True or False? (Circle your choice.)
Name: Section: Grade: Answer these questions while viewing the assigned videos. Not sure of an answer? Ask your instructor to explain at the beginning of the next class session. You can then fill in your
More informationTutorial 10 Pointers in C. Shuyue Hu
Tutorial 10 Pointers in C Shuyue Hu Content Basic concept of pointers Pointer arithmetic Array of pointers Pointer to pointer Passing pointers to functions in C Return pointer from functions in C 2 Content
More informationFor questions 4 through 7, select the value assigned to the relevant variable, given the declarations: 3) ) This is not allowed
This homework assignment focuses primarily on some of the basic syntax and semantics of C. The answers to the following questions can be determined by consulting a C language reference and/or writing short
More informationGoal. Overflow Checking in Firefox. Sixgill. Sixgill (cont) Verifier Design Questions. Sixgill: Properties 4/8/2010
Goal Overflow Checking in Firefox Brian Hackett Can we clean a code base of buffer overflows? Keep it clean? Must prove buffer accesses are in bounds Verification: prove a code base has a property Sixgill
More informationCMSC 313 Lecture 13 Project 4 Questions Reminder: Midterm Exam next Thursday 10/16 Virtual Memory
CMSC 33 Lecture 3 Project 4 Questions Reminder: Midterm Exam next Thursday /6 Virtual Memory UMBC, CMSC33, Richard Chang CMSC 33, Computer Organization & Assembly Language Programming
More informationCSI 1100 / 1500 Fall 2004 Introduction to Computer Science I Final Examination
CSI 1100 / 1500 Final Examination Page 1 of 13 CSI 1100 / 1500 Fall 2004 Introduction to Computer Science I Final Examination Duration : 3 hours 09:30 December 9, 2004 Professors: Alan Williams, Daniel
More informationC Programming. The C Preprocessor and Some Advanced Topics. Learn More about #define. Define a macro name Create function-like macros.
C Programming The C Preprocessor and Some Advanced Topics June 03, 2005 Learn More about #define Define a macro name Create function-like macros to avoid the time might be longer #define SUM(i, j) i+j
More informationIntroduction to C Programming Ray Lauff Temple University Computer Science v2.0
Introduction to C Programming Ray Lauff Temple University Computer Science v2.0 NOTE: Not all the material covered in class is included in this slide deck. These slides are not meant to be used as a stand-alone
More informationITC213: STRUCTURED PROGRAMMING. Bhaskar Shrestha National College of Computer Studies Tribhuvan University
ITC213: STRUCTURED PROGRAMMING Bhaskar Shrestha National College of Computer Studies Tribhuvan University Lecture 07: Data Input and Output Readings: Chapter 4 Input /Output Operations A program needs
More informationCSE 410: Systems Programming
CSE 410: Systems Programming Input and Output Ethan Blanton Department of Computer Science and Engineering University at Buffalo I/O Kernel Services We have seen some text I/O using the C Standard Library.
More informationeverything is a file main.c a.out /dev/sda1 /dev/tty2 /proc/cpuinfo file descriptor int
everything is a file main.c a.out /dev/sda1 /dev/tty2 /proc/cpuinfo file descriptor int #include #include #include int open(const char *path, int flags); flagso_rdonly
More informationCS201: Lab #4 Writing a Dynamic Storage Allocator
CS201: Lab #4 Writing a Dynamic Storage Allocator In this lab you will write a dynamic storage allocator for C programs, i.e., your own version of the malloc, free and realloc routines. You are encouraged
More informationDiscovering the ios Instruments Server
Discovering the ios Instruments Server Troy Bowman Hex-Rays troy@hex-rays.com Recon Montreal 2018 Purpose of This Talk Share our discoveries Document all of our steps Fun! What is Instruments? Instruments
More informationPart Two - Process Management. Chapter 3: Processes
Part Two - Process Management Chapter 3: Processes Chapter 3: Processes 3.1 Process Concept 3.2 Process Scheduling 3.3 Operations on Processes 3.4 Interprocess Communication 3.5 Examples of IPC Systems
More informationECE 15 Fall 15 Midterm Solutions
ECE 15 Fall 15 Midterm Solutions This is a closed-book exam: no notes, books, calculators, cellphones, or friends are allowed. In problems 2 4, you can assume that the uers s input is correct. If you need
More information# #1 00/00/00. Order Proof Date. Supplied Cable ARTWORK FOR APPROVAL
ARTWORK FOR APPROVAL I M P O R T A N T : T h i s d r a w i n g i s f o r a p p r o x i m a t e p r i n t p o s i t i o n a l p u r p o s e s o n l y. It is not intended to be an exact scale or detailed
More informationCS Programming In C
CS 24000 - Programming In C Week Seven: More on memory operations, and structures. Union, function pointer, and bit operations Zhiyuan Li Department of Computer Science Purdue University, USA 2 Academic
More informationCharm++ on the Cell Processor
Charm++ on the Cell Processor David Kunzman, Gengbin Zheng, Eric Bohm, Laxmikant V. Kale 1 Motivation Cell Processor (CBEA) is powerful (peak-flops) Allow Charm++ applications utilize the Cell processor
More informationCSE443 Compilers. Dr. Carl Alphonce 343 Davis Hall
CSE443 Compilers Dr. Carl Alphonce alphonce@buffalo.edu 343 Davis Hall www.cse.buffalo. edu/faculty/alphonce/sp18/cse443 piazza.com/buffalo/spring2018/cse443 BUILD A COMPILER! Assessment plan Homework
More informationCSC 438 Systems and Software Security, Spring 2014 Instructor: Dr. Natarajan Meghanathan Question Bank for Module 6: Software Security Attacks
CSC 438 Systems and Software Security, Spring 2014 Instructor: Dr. Natarajan Meghanathan Question Bank for Module 6: Software Security Attacks 1) What will be the output of the following C program when
More information