Security Coding Module - Buffer Overflow Data Gone Wild CS1
|
|
- Allison Lynch
- 6 years ago
- Views:
Transcription
1 Security Coding Module - Buffer Overflow Data Gone Wild CS1 Background Summary: Buffer overflow occurs when data is input or written beyond the allocated bounds of an buffer, array, or other object causing a program crash or a vulnerability that hackers might exploit. Description: A buffer overflow occurs when data is written beyond the boundaries of a fixed length buffer overwriting adjacent memory locations which may include other buffers, variables and program flow data. Considered the nuclear bomb of the software industry, the buffer overflow is one of the most persistent security vulnerabilities and frequently used attacks. Risk How Can It Happen? Writing outside the bounds of a block of allocated memory can corrupt data, crash the program, or allow the execution of malicious code. Example of Occurrence: A buffer overflow in a 2004 version of AOL s AIM instant-messaging software exposed users to buffer overflow vulnerabilities. If a user posted a URL in their I m away message, any of his or her friends who clicked on that link might be vulnerable to attack. AOL s response was to suggest that users update to a new version that would fix the bug. Paul Roberts AOL IM Away message flaw deemed critical, Infoworld, August 9, Example in Code: #include <iostream> using namespace std; int main(void) { int vals[10]; for (size_t i=0; i < 20; i++) { vals[i]=i; return 0;
2 When this program is run, the loop counter will exceed the value of a suitable index for the array. When the assignment statement tries to store a value in vals[10], buffer overflow occurs. The result is unpredictable. Depending on the operating system and the specific nature of the overflow, it may not cause any apparent problems, may cause the program to crash, or allow the execution of arbitrary code by an attacker. Because buffer overflow is a common problem in C/C++, it is recommended to declare any variable that is used to represent the size of an object, including integer values used as sizes, indices, loop counters, and lengths, as size_t. The size_t type is an unsigned integer type. Code Responsibly-- How Can I Avoid Buffer Overflow? Make sure you have enough space: Before copying data to a fixed size block, make sure it is large enough to hold the data that you are going to copy. If it is not large enough, do not copy more data than your available space can hold. If your program is not able to continue properly after filling the available space, you may have to find some way to recover from the error. Validate indices: If you have an integer variable, verify that it is within the proper bounds before you use it as an index to an array. This validation is particularly important for any values that might have been provided as user input or other untrusted input, such as information that might be read from a file or from a network connection. When possible, use buffer-size accessors: Loops that iterate over arrays need to know the size of the array. Using a variable with the wrong value or the incorrect constant value can lead to buffer overflows. Some languages, such as Java, provide operators that can be used to retrieve the size of an array. Using these operators can help you avoid some of these problems. Use alternative data structures that reduce the risk of overflows: Many buffer overflow vulnerabilities can be avoided by using vectors or other structures instead of traditional arrays. When possible, use vectors and iterators instead of arrays and integer-indexed loops. Note that these tools will not prevent you from running into trouble: you will still have to write your code carefully and correctly. However, they can reduce your risk of buffer overflow vulnerabilities. Lab Assignment Program 1 #include <iostream> using namespace std; int main(void) { int vals[10]; size_t count; size_t which; cout << "How many values should be store in the array? "; cin >> count; for (size_t i = 0; i < count; i++) {
3 vals[i] = count-i; cout << "Which value do you wish to retrieve? "; cin >> which; cout << "Your value is " << vals[which] << endl; return 0; Lab Questions: 1. Type*, compile, and run the above program. Describe the results. What happens if you type 3 for the first prompt? 7? 12? 20? What happens if you type 10 for the first prompt and then 3, 7, 12, and 20 for the second prompt? 2. Complete the security checklist for this program (print the checklist). 3. List potential buffer overflow errors. 4. Provide example inputs that might cause buffer overflow problems. 5. What strategies might you use to remove potential buffer overflow vulnerabilities from this program? *Copying and pasting programs may result in syntax errors and other inconsistencies. It is recommended you type each program. Program 2 (optional - check with your instructor if you need to complete this program) Write a program that reads at most 10 temperatures (stored as floating point values) from a file. You can assume that the temperatures are stored in a file called temps.txt. Your program should include the following elements: 1. A method to read the temperatures into an array 2. A method that prints the temperatures 3. A method that computes the average temperature 4. A main that uses each of these methods. If there are more than 10 values, your program should ignore any values after the first 10. If there are no values in the file, an appropriate error message should be printed. Test this program with files containing the following sets of values. Indicate the average that you get in each case. Your program should handle each of these cases appropriately. 1. Empty file Security Checklist
4 Security Checklist Vulnerability:Buffer Overflow Course: CS1 Task - Check each line of code Completed 1. Finding Arrays: 1.1 Underline each array declaration 1.2 For each array, underline all subsequent references 2. Index Variables legal range for an array of size n is 0 <= i < n 2.1 For each underlined access that uses a variable as an index, write the legal range next to it. 2.2 For each index marked in 2.1, underline all occurrences of that variable Circle any assignments, inputs or operations that may modify these index variables Mark with a V any array that is indexed by a circled index variable. 3. Loops that modify index variables 3.1 Find loops that modify variables used to index arrays. For any index that occurs as part of a loop conditional, underline the loop limit. For example, if i < max is the conditional in a for loop, underline max 3.2. Write the legal range of the array index next to the loop limit as you did in step 2.1. Mark with a V if the loop limit could exceed the legal range of the array index. Watch out for loops that iterate beyond the bounds of the array (for example, i <=max when the largest valid index is max-1). 3.3 If the upper or lower loop limit is a variable, it must be checked just as indices are checked in Step 2 Highlighted areas indicate vulnerabilities! Discussion Questions 1. Describe the buffer overflow problem.
5 2. List three ways you could potentially overflow a buffer in your program. 3. How could you prevent a buffer overflow from occurring in your program? Further Work (optional - check with your instructor if you need to answer the following questions) 1. Give three real life examples of buffer overflow attacks (research on the web). 2. What can result from a buffer overflow? 3. Buffer overflows can be troublesome if they are used by attackers to run their own code. What sort of things might an attacker try to do if he or she were able to run any code they wanted on a computer?
Security Coding Module Integer Error You Can t Count That High CS1
Security Coding Module Integer Error You Can t Count That High CS1 Summary: Integer values that are too large or too small may fall outside the allowable range for their data type, leading to undefined
More informationMultiple Choice (Questions 1 13) 26 Points Select all correct answers (multiple correct answers are possible)
Name Closed notes, book and neighbor. If you have any questions ask them. Notes: Segment of code necessary C++ statements to perform the action described not a complete program Program a complete C++ program
More informationIDE: Integrated Development Environment
Name: Student ID: Lab Instructor: Borja Sotomayor Do not write in this area 1 2 3 TOTAL Maximum possible points: 30 One of the goals of this lab is to introduce the Eclipse IDE, a software environment
More informationWelcome to MCS 360. content expectations. using g++ input and output streams the namespace std. Euclid s algorithm the while and do-while statements
Welcome to MCS 360 1 About the Course content expectations 2 our first C++ program using g++ input and output streams the namespace std 3 Greatest Common Divisor Euclid s algorithm the while and do-while
More informationJordan University of Science & Technology Department of Computer Science CS 211 Exam #1 (23/10/2010) -- Form A
Jordan University of Science & Technology Department of Computer Science CS 211 Exam #1 (23/10/2010) -- Form A Name: ID#: Section #: Day & Time: Instructor: Answer all questions as indicated. Closed book/closed
More informationLab#5 Due Wednesday, February 25, at the start of class. Purpose: To develop familiarity with C++ pointer variables
Lab#5 Due Wednesday, February 25, at the start of class Purpose: To develop familiarity with C++ pointer variables Introduction: In this lab, you will learn by experimentation the answers to some questions
More informationName SECTION: 12:45 2:20. True or False (12 Points)
Name SECION: 12:45 2:20 rue or False (12 Points) 1. (12 pts) Circle for true and F for false: F a) Local identifiers have name precedence over global identifiers of the same name. F b) Local variables
More informationCS2141 Software Development using C/C++ C++ Basics
CS2141 Software Development using C/C++ C++ Basics Integers Basic Types Can be short, long, or just plain int C++ does not define the size of them other than short
More informationCS31 Discussion 1E. Jie(Jay) Wang Week1 Sept. 30
CS31 Discussion 1E Jie(Jay) Wang Week1 Sept. 30 About me Jie Wang E-mail: holawj@gmail.com Office hour: Wednesday 3:30 5:30 BH2432 Thursday 12:30 1:30 BH2432 Slides of discussion will be uploaded to the
More informationCPE 112 Spring 2015 Exam III (100 pts) April 8, True or False (12 Points)
Name rue or False (12 Points) 1. (12 pts) Circle for true and F for false: F a) Local identifiers have name precedence over global identifiers of the same name. F b) Local variables retain their value
More informationWeek 1: Hello World! Muhao Chen
Week 1: Hello World! Muhao Chen 1 Muhao Chen Teaching Fellow Email address: muhaochen@ucla.edu Office Hours: Thursday 11:30 ~ 2:30 PM BH2432 Personal office BH3551 Homepage (where I post slides): http://yellowstone.cs.ucla.edu/~muhao/
More informationCS242 COMPUTER PROGRAMMING
CS242 COMPUTER PROGRAMMING I.Safa a Alawneh Variables Outline 2 Data Type C++ Built-in Data Types o o o o bool Data Type char Data Type int Data Type Floating-Point Data Types Variable Declaration Initializing
More informationMultiple Choice (Questions 1 14) 28 Points Select all correct answers (multiple correct answers are possible)
Name Closed notes, book and neighbor. If you have any questions ask them. Notes: Segment of code necessary C++ statements to perform the action described not a complete program Program a complete C++ program
More informationCS 103 Lab 6 - Party Like A Char Star
1 Introduction In this lab you will implement a "hangman" game where the user is shown blanks representing letter of a word and then tries to guess and fill in the letters with a limited number of guesses.
More informationNon-numeric types, boolean types, arithmetic. operators. Comp Sci 1570 Introduction to C++ Non-numeric types. const. Reserved words.
, ean, arithmetic s s on acters Comp Sci 1570 Introduction to C++ Outline s s on acters 1 2 3 4 s s on acters Outline s s on acters 1 2 3 4 s s on acters ASCII s s on acters ASCII s s on acters Type: acter
More informationEE 109 Lab 8a Conversion Experience
EE 109 Lab 8a Conversion Experience 1 Introduction In this lab you will write a small program to convert a string of digits representing a number in some other base (between 2 and 10) to decimal. The user
More informationExercise 1.1 Hello world
Exercise 1.1 Hello world The goal of this exercise is to verify that computer and compiler setup are functioning correctly. To verify that your setup runs fine, compile and run the hello world example
More informationHomework #3 CS2255 Fall 2012
Homework #3 CS2255 Fall 2012 MULTIPLE CHOICE 1. The, also known as the address operator, returns the memory address of a variable. a. asterisk ( * ) b. ampersand ( & ) c. percent sign (%) d. exclamation
More informationo Counter and sentinel controlled loops o Formatting output o Type casting o Top-down, stepwise refinement
Last Time Let s all Repeat Together 10/3/05 CS150 Introduction to Computer Science 1 1 We covered o Counter and sentinel controlled loops o Formatting output Today we will o Type casting o Top-down, stepwise
More informationMultiple Choice (Questions 1 13) 26 Points Select all correct answers (multiple correct answers are possible)
Name Closed notes, book and neighbor. If you have any questions ask them. Notes: Segment of code necessary C++ statements to perform the action described not a complete program Program a complete C++ program
More informationLab 4: Introduction to Programming
_ Unit 2: Programming in C++, pages 1 of 9 Department of Computer and Mathematical Sciences CS 1410 Intro to Computer Science with C++ 4 Lab 4: Introduction to Programming Objectives: The main objective
More informationCS 311 Data Structures and Algorithms, Fall 2009 Midterm Exam Solutions. The Midterm Exam was give in class on Wednesday, October 21, 2009.
CS 311 Data Structures and Algorithms, Fall 2009 Midterm Exam Solutions The Midterm Exam was give in class on Wednesday, October 21, 2009. 1. [4 pts] When we define a (non-template) class, we generally
More informationEE 355 Lab 4 - Party Like A Char Star
1 Introduction In this lab you will implement a "hangman" game where the user is shown blanks representing letter of a word and then tries to guess and fill in the letters with a limited number of guesses
More informationint n = 10; int sum = 10; while (n > 1) { sum = sum + n; n--; } cout << "The sum of the integers 1 to 10 is " << sum << endl;
Debugging Some have said that any monkey can write a program the hard part is debugging it. While this is somewhat oversimplifying the difficult process of writing a program, it is sometimes more time
More informationUniversity of Technology. Laser & Optoelectronics Engineering Department. C++ Lab.
University of Technology Laser & Optoelectronics Engineering Department C++ Lab. Fifth week Control Structures A program is usually not limited to a linear sequence of instructions. During its process
More informationWhat we will learn about this week: Declaring and referencing arrays. arrays as function arguments. Arrays
What we will learn about this week: Declaring and referencing arrays Arrays in memory Initializing arrays indexed variables arrays as function arguments Arrays a way of expressing many of the same variable
More informationLecture 4 September Required reading materials for this class
EECS 261: Computer Security Fall 2007 Lecture 4 September 6 Lecturer: David Wagner Scribe: DK Moon 4.1 Required reading materials for this class Beyond Stack Smashing: Recent Advances in Exploiting Buffer
More informationBy the end of this section you should: Understand what the variables are and why they are used. Use C++ built in data types to create program
1 By the end of this section you should: Understand what the variables are and why they are used. Use C++ built in data types to create program variables. Apply C++ syntax rules to declare variables, initialize
More informationFunctions. CS111 Lab Queens College, CUNY Instructor: Kent Chin
Functions CS111 Lab Queens College, CUNY Instructor: Kent Chin Functions They're everywhere! Input: x Function: f Output: f(x) Input: Sheets of Paper Function: Staple Output: Stapled Sheets of Paper C++
More informationCMSC 202 Midterm Exam 1 Fall 2015
1. (15 points) There are six logic or syntax errors in the following program; find five of them. Circle each of the five errors you find and write the line number and correction in the space provided below.
More informationCE221 Programming in C++ Part 2 References and Pointers, Arrays and Strings
CE221 Programming in C++ Part 2 References and Pointers, Arrays and Strings 19/10/2017 CE221 Part 2 1 Variables and References 1 In Java a variable of primitive type is associated with a memory location
More informationCS 11 C++ track: lecture 1
CS 11 C++ track: lecture 1 Administrivia Need a CS cluster account http://www.cs.caltech.edu/cgi-bin/ sysadmin/account_request.cgi Need to know UNIX (Linux) www.its.caltech.edu/its/facilities/labsclusters/
More informationStack Overflow COMP620
Stack Overflow COMP620 There are two kinds of people in America today: those who have experienced a foreign cyber attack and know it, and those who have experienced a foreign cyber attack and don t know
More informationFORM 1 (Please put your name and section number (001/10am or 002/2pm) on the scantron!!!!) CS 161 Exam II: True (A)/False(B) (2 pts each):
FORM 1 (Please put your name and section number (001/10am or 002/2pm) on the scantron!!!!) CS 161 Exam II: True (A)/False(B) (2 pts each): 1. If a function has default arguments, they can be located anywhere
More informationPrinciples of Programming Pointers, Dynamic Memory Allocation, Character Arrays, and Buffer Overruns
Pointers, Dynamic Memory Allocation, Character Arrays, and Buffer Overruns What is an array? Pointers Memory issues The name of the array is actually a memory address. You can prove this by trying to print
More informationBasic program The following is a basic program in C++; Basic C++ Source Code Compiler Object Code Linker (with libraries) Executable
Basic C++ Overview C++ is a version of the older C programming language. This is a language that is used for a wide variety of applications and which has a mature base of compilers and libraries. C++ is
More informationCS 103 Lab - Party Like A Char Star
1 Introduction In this lab you will implement a "hangman" game where the user is shown blanks representing letter of a word and then tries to guess and fill in the letters with a limited number of guesses.
More informationMultiple Choice (Questions 1 14) 28 Points Select all correct answers (multiple correct answers are possible)
Name Closed notes, book and neighbor. If you have any questions ask them. Notes: Segment of code necessary C++ statements to perform the action described not a complete program Program a complete C++ program
More informationWhy Is Repetition Needed?
Why Is Repetition Needed? Repetition allows efficient use of variables. It lets you process many values using a small number of variables. For example, to add five numbers: Inefficient way: Declare a variable
More information#include <iostream> #include <algorithm> #include <cmath> using namespace std; int f1(int x, int y) { return (double)(x/y); }
1. (9 pts) Show what will be output by the cout s in this program. As in normal program execution, any update to a variable should affect the next statement. (Note: boolalpha simply causes Booleans to
More informationMM1_ doc Page E-1 of 12 Rüdiger Siol :21
Contents E Structures, s and Dynamic Memory Allocation... E-2 E.1 C s Dynamic Memory Allocation Functions... E-2 E.1.1 A conceptual view of memory usage... E-2 E.1.2 malloc() and free()... E-2 E.1.3 Create
More information7.1. Chapter 7: Arrays Hold Multiple Values. Array - Memory Layout. Array Terminology. Array Terminology 8/23/2014. Arrays Hold Multiple Values
Chapter 7: Arrays 7.1 Arrays Hold Multiple Values Arrays Hold Multiple Values Array: variable that can store multiple values of the same type Values are stored in adjacent memory locations Declared using
More informationIntroducing C++ to Java Programmers
Introducing C++ to Java Programmers by Kip Irvine updated 2/27/2003 1 Philosophy of C++ Bjarne Stroustrup invented C++ in the early 1980's at Bell Laboratories First called "C with classes" Design Goals:
More information1- Write a single C++ statement that: A. Calculates the sum of the two integrates 11 and 12 and outputs the sum to the consol.
1- Write a single C++ statement that: A. Calculates the sum of the two integrates 11 and 12 and outputs the sum to the consol. B. Outputs to the console a floating point number f1 in scientific format
More informationBeyond Stack Smashing: Recent Advances in Exploiting. Jonathan Pincus(MSR) and Brandon Baker (MS)
Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns Jonathan Pincus(MSR) and Brandon Baker (MS) Buffer Overflows and How they Occur Buffer is a contiguous segment of memory of a fixed
More informationLab # 02. Basic Elements of C++ _ Part1
Lab # 02 Basic Elements of C++ _ Part1 Lab Objectives: After performing this lab, the students should be able to: Become familiar with the basic components of a C++ program, including functions, special
More informationAnnouncements. Lab Friday, 1-2:30 and 3-4:30 in Boot your laptop and start Forte, if you brought your laptop
Announcements Lab Friday, 1-2:30 and 3-4:30 in 26-152 Boot your laptop and start Forte, if you brought your laptop Create an empty file called Lecture4 and create an empty main() method in a class: 1.00
More informationChapter 2. C++ Syntax and Semantics, and the Program Development Process. Dale/Weems 1
Chapter 2 C++ Syntax and Semantics, and the Program Development Process Dale/Weems 1 Chapter 2 Topics Programs Composed of Several Functions Syntax Templates Legal C++ Identifiers Assigning Values to Variables
More informationCAAM 420 Fall 2012 Lecture 29. Duncan Eddy
CAAM 420 Fall 2012 Lecture 29 Duncan Eddy November 7, 2012 Table of Contents 1 Templating in C++ 3 1.1 Motivation.............................................. 3 1.2 Templating Functions........................................
More informationMemory Corruption 101 From Primitives to Exploit
Memory Corruption 101 From Primitives to Exploit Created by Nick Walker @ MWR Infosecurity / @tel0seh What is it? A result of Undefined Behaviour Undefined Behaviour A result of executing computer code
More informationComputer Science II Lecture 1 Introduction and Background
Computer Science II Lecture 1 Introduction and Background Discussion of Syllabus Instructor, TAs, office hours Course web site, http://www.cs.rpi.edu/courses/fall04/cs2, will be up soon Course emphasis,
More informationLaboratory 5: Implementing Loops and Loop Control Strategies
Laboratory 5: Implementing Loops and Loop Control Strategies Overview: Objectives: C++ has three control structures that are designed exclusively for iteration: the while, for and do statements. In today's
More informationExam 3 Chapters 7 & 9
Exam 3 Chapters 7 & 9 CSC 2100-002/003 29 Mar 2017 Read through the entire test first BEFORE starting Put your name at the TOP of every page The test has 4 sections worth a total of 100 points o True/False
More informationBrave New 64-Bit World. An MWR InfoSecurity Whitepaper. 2 nd June Page 1 of 12 MWR InfoSecurity Brave New 64-Bit World
Brave New 64-Bit World An MWR InfoSecurity Whitepaper 2 nd June 2010 2010-06-02 Page 1 of 12 Abstract Abstract Memory requirements on server and desktop systems have risen considerably over the past few
More informationCSI33 Data Structures
Outline Department of Mathematics and Computer Science Bronx Community College October 24, 2018 Outline Outline 1 Chapter 8: A C++ Introduction For Python Programmers Expressions and Operator Precedence
More informationTo become familiar with array manipulation, searching, and sorting.
ELECTRICAL AND COMPUTER ENGINEERING 06-88-211: COMPUTER AIDED ANALYSIS LABORATORY EXPERIMENT #2: INTRODUCTION TO ARRAYS SID: OBJECTIVE: SECTIONS: Total Mark (out of 20): To become familiar with array manipulation,
More informationOutline. Introduction. Arrays declarations and initialization. Const variables. Character arrays. Static arrays. Examples.
Outline Introduction. Arrays declarations and initialization. Const variables. Character arrays. Static arrays. Examples. 1 Arrays I Array One type of data structures. Consecutive group of memory locations
More informationDepartment of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.858 Fall 2010 Quiz I All problems are open-ended questions. In order to receive credit you must answer
More informationTutorial 13 Salary Survey Application: Introducing One- Dimensional Arrays
Tutorial 13 Salary Survey Application: Introducing One- Dimensional Arrays Outline 13.1 Test-Driving the Salary Survey Application 13.2 Introducing Arrays 13.3 Declaring and Initializing Arrays 13.4 Constructing
More informationCSC 252: Computer Organization Spring 2018: Lecture 9
CSC 252: Computer Organization Spring 2018: Lecture 9 Instructor: Yuhao Zhu Department of Computer Science University of Rochester Action Items: Assignment 2 is due tomorrow, midnight Assignment 3 is out
More informationPlan for Today. Safe Programming Languages. What is a secure programming language?
cs2220: Engineering Software Class 19: Java Security Java Security Plan for Today Java Byte s () and Verification Fall 2010 UVa David Evans Reminder: Project Team Requests are due before midnight tomorrow
More informationCS 31 Discussion 1A, Week 1. Zengwen Yuan (zyuan [at] cs.ucla.edu) Humanities A65, Friday 10:00 11:50
CS 31 Discussion 1A, Week 1 Zengwen Yuan (zyuan [at] cs.ucla.edu) Humanities A65, Friday 10:00 11:50 TA Zengwen Yuan ( zyuan [at] cs.ucla.edu ) Discussion session (1A): Humanities A65 Friday 10:00 11:50
More information7.1. Chapter 7: Arrays Hold Multiple Values. Array - Memory Layout. A single variable can only hold one value. Declared using [] operator:
Chapter 7: 7.1 Arrays Arrays Hold Multiple Values Arrays Hold Multiple Values Array - Memory Layout A single variable can only hold one value int test; 95 Enough memory for 1 int What if we need to store
More informationIntroduction to Programming using C++
Introduction to Programming using C++ Lecture One: Getting Started Carl Gwilliam gwilliam@hep.ph.liv.ac.uk http://hep.ph.liv.ac.uk/~gwilliam/cppcourse Course Prerequisites What you should already know
More informationCS 311 Data Structures and Algorithms, Spring 2009 Midterm Exam Solutions. The Midterm Exam was given in class on Wednesday, March 18, 2009.
CS 311 Data Structures and Algorithms, Spring 2009 Midterm Exam Solutions The Midterm Exam was given in class on Wednesday, March 18, 2009. 1. [4 pts] Parameter Passing in C++. In the table below, the
More informationName MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question.
CMPSC11 Final (Study Guide) Fall 11 Prof Hartman Name MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question. 1) This is a collection of statements that performs
More informationpointers + memory double x; string a; int x; main overhead int y; main overhead
pointers + memory computer have memory to store data. every program gets a piece of it to use as we create and use more variables, more space is allocated to a program memory int x; double x; string a;
More informationSuperior University. Department of Electrical Engineering CS-115. Computing Fundamentals. Experiment No.7. User Defined Functions II
Superior University Department of Electrical Engineering CS-115 Computing Fundamentals Experiment No.7 User Defined Functions II Prepared for By: Name: ID: Section: Semester: Total Marks: Obtained Marks:
More informationCS 201 (Intro. to Computing) Fall 2015 Sabancı University Sample Questions for Midterm 1
CS 201 (Intro. to Computing) Fall 2015 Sabancı University Sample Questions for Midterm 1 Those questions do not imply any favorite subject or question type for the questions in the actual exam Please also
More informationWeek 3. Function Definitions. Example: Function. Function Call, Return Statement. Functions & Arrays. Gaddis: Chapters 6 and 7.
Week 3 Functions & Arrays Gaddis: Chapters 6 and 7 CS 5301 Fall 2015 Jill Seaman 1 Function Definitions! Function definition pattern: datatype identifier (parameter1, parameter2,...) { statements... Where
More informationFor example, let s say we define an array of char of size six:
Arrays in C++ An array is a consecutive group of memory locations that all have the same name and the same type. To refer to a particular location, we specify the name and then the positive index into
More informationStack memory - "scratch pad" memory that is used by automatic variables.
Dynamic Memory Allocation In C and C++ three types of memory are used by programs: Static memory - where global and static variables live Stack memory - "scratch pad" memory that is used by automatic variables.
More informationDepartment of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I Solutions
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.893 Fall 2009 Quiz I Solutions All problems are open-ended questions. In order to receive credit you must
More informationIntrusion Detection and Malware Analysis
Intrusion Detection and Malware Analysis Host Based Attacks Pavel Laskov Wilhelm Schickard Institute for Computer Science Software security threats Modification of program code viruses and self-replicating
More informationSummary of basic C++-commands
Summary of basic C++-commands K. Vollmayr-Lee, O. Ippisch April 13, 2010 1 Compiling To compile a C++-program, you can use either g++ or c++. g++ -o executable_filename.out sourcefilename.cc c++ -o executable_filename.out
More informationWhy bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions?
Jeroen van Beek 1 Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions? 2 Inadequate OS and application security: Data abuse Stolen information Bandwidth
More informationUnit 14. Passing Arrays & C++ Strings
1 Unit 14 Passing Arrays & C++ Strings PASSING ARRAYS 2 3 Passing Arrays As Arguments Can we pass an array to another function? YES!! Syntax: Step 1: In the prototype/signature: Put empty square brackets
More informationIncrement and the While. Class 15
Increment and the While Class 15 Increment and Decrement Operators Increment and Decrement Increase or decrease a value by one, respectively. the most common operation in all of programming is to increment
More informationConstructor - example
Constructors A constructor is a special member function whose task is to initialize the objects of its class. It is special because its name is same as the class name. The constructor is invoked whenever
More informationC++ Undefined Behavior What is it, and why should I care?
C++ Undefined Behavior What is it, and why should I care? Marshall Clow Qualcomm marshall@idio.com http://cplusplusmusings.wordpress.com (intermittent) Twitter: @mclow ACCU 2014 April 2014 What is Undefined
More information1 Unit 8 'for' Loops
1 Unit 8 'for' Loops 2 Control Structures We need ways of making decisions in our program To repeat code until we want it to stop To only execute certain code if a condition is true To execute one segment
More informationECE250: Algorithms and Data Structures C++ Language Tutorial
ECE250: Algorithms and Data Structures C++ Language Tutorial Ladan Tahvildari, PEng Associate Professor Software Technologies Applied Research (STAR) Group Dept. of Elect. & Comp. Eng. University of Waterloo
More informationCYSE 411/AIT681 Secure Software Engineering Topic #12. Secure Coding: Formatted Output
CYSE 411/AIT681 Secure Software Engineering Topic #12. Secure Coding: Formatted Output Instructor: Dr. Kun Sun 1 This lecture: [Seacord]: Chapter 6 Readings 2 Secure Coding String management Pointer Subterfuge
More information2/9/18. CYSE 411/AIT681 Secure Software Engineering. Readings. Secure Coding. This lecture: String management Pointer Subterfuge
CYSE 411/AIT681 Secure Software Engineering Topic #12. Secure Coding: Formatted Output Instructor: Dr. Kun Sun 1 This lecture: [Seacord]: Chapter 6 Readings 2 String management Pointer Subterfuge Secure
More informationC++ Programming Applied to Robotics, Mark Aull Lesson 5a: Arrays and Pointers
C++ Programming Applied to Robotics, Mark Aull Lesson 5a: Arrays and Pointers This lesson introduces the concept of templated functions. These allow you to write a function that takes parameters of an
More informationC++_ MARKS 40 MIN
C++_16.9.2018 40 MARKS 40 MIN https://tinyurl.com/ya62ayzs 1) Declaration of a pointer more than once may cause A. Error B. Abort C. Trap D. Null 2Whice is not a correct variable type in C++? A. float
More informationCS 101 Computer Programming and utilization. Dr Deepak B Phatak Subrao Nilekani Chair Professor Department of CSE, Kanwal Rekhi Building IIT Bombay
CS 101 Computer Programming and utilization Dr Deepak B Phatak Subrao Nilekani Chair Professor Department of CSE, Kanwal Rekhi Building Bombay Lecture 4, Conditional execution of instructions Friday, August
More informationLab 2.1: Fixing a C++ program
CS 150 Lab 2 Introduction to Compiler Errors, Variables, Assignments and Output The purpose of today s lab session is to allow you to gain experience using primitive data types, constants, assignment statements
More informationReview: Exam 1. Your First C++ Program. Declaration Statements. Tells the compiler. Examples of declaration statements
Review: Exam 1 9/20/06 CS150 Introduction to Computer Science 1 1 Your First C++ Program 1 //*********************************************************** 2 // File name: hello.cpp 3 // Author: Shereen Khoja
More informationChapter 9: Pointers Co C pyr py igh i t gh Pear ea so s n n E ducat ca io i n, n Inc. n c.
Chapter 9: Pointers 9.1 Getting the Address of a Variable C++ Variables [ not in book ] A Variable has all of the following attributes: 1. name 2. type 3. size 4. value 5. storage class static or automatic
More informationLAB: INTRODUCTION TO FUNCTIONS IN C++
LAB: INTRODUCTION TO FUNCTIONS IN C++ MODULE 2 JEFFREY A. STONE and TRICIA K. CLARK COPYRIGHT 2014 VERSION 4.0 PALMS MODULE 2 LAB: FUNCTIONS IN C++ 2 Introduction This lab will provide students with an
More informationChapter 2 Basic Elements of C++
C++ Programming: From Problem Analysis to Program Design, Fifth Edition 2-1 Chapter 2 Basic Elements of C++ At a Glance Instructor s Manual Table of Contents Overview Objectives s Quick Quizzes Class Discussion
More informationLab Instructor : Jean Lai
Lab Instructor : Jean Lai Group related statements to perform a specific task. Structure the program (No duplicate codes!) Must be declared before used. Can be invoked (called) as any number of times.
More informationPIC 10A Pointers, Arrays, and Dynamic Memory Allocation. Ernest Ryu UCLA Mathematics
PIC 10A Pointers, Arrays, and Dynamic Memory Allocation Ernest Ryu UCLA Mathematics Pointers A variable is stored somewhere in memory. The address-of operator & returns the memory address of the variable.
More informationLab 2: Pointers. //declare a pointer variable ptr1 pointing to x. //change the value of x to 10 through ptr1
Lab 2: Pointers 1. Goals Further understanding of pointer variables Passing parameters to functions by address (pointers) and by references Creating and using dynamic arrays Combing pointers, structures
More informationC++ Code Structure. Cooperating with the Compiler
C++ Code Structure Cooperating with the Compiler C / C++ Compilation In Java (and many other modern languages), the compiler is designed to make multiple passes over code files during compilation. In doing
More informationIntroduction to Programming
Introduction to Programming session 5 Instructor: Reza Entezari-Maleki Email: entezari@ce.sharif.edu 1 Fall 2010 These slides are created using Deitel s slides Sahrif University of Technology Outlines
More informationC++ basics Getting started with, and Data Types.
C++ basics Getting started with, and Data Types pm_jat@daiict.ac.in Recap Last Lecture We talked about Variables - Variables, their binding to type, storage etc., Categorization based on storage binding
More informationROUNDING ERRORS LAB 1. OBJECTIVE 2. INTRODUCTION
ROUNDING ERRORS LAB Imagine you are traveling in Italy, and you are trying to convert $27.00 into Euros. You go to the bank teller, who gives you 20.19. Your friend is with you, and she is converting $2,700.00.
More informationTHE INTEGER DATA TYPES. Laura Marik Spring 2012 C++ Course Notes (Provided by Jason Minski)
THE INTEGER DATA TYPES STORAGE OF INTEGER TYPES IN MEMORY All data types are stored in binary in memory. The type that you give a value indicates to the machine what encoding to use to store the data in
More information