
Question


Each of the following code fragments contains a number of security vulnerabilities. For each fragment, identify these security vulnerabilities and, for each vulnerability, discuss at least one way that it could be improved. Note that in your discussion of how each vulnerability could be improved, you do not need to re-write a new version of the program in C; simply discuss your solution, either in pseudocode or in 1-2 sentences.

(a) /* File Descriptor Leak */
#include <stdio.h>
#include <unistd.h>
int main(int argc, char *argv[]){
char *filePath = argv[0];
char *shellPath = argv[1];
FILE *passwords;
passwords = fopen(filePath, "r");
/* Read the password and do something with it */
/* . . . */
/* Fork and execute alternative shell */
execl(shellPath, "shell", NULL);
}


(b) #include <stdio.h>
/*
Assume the following function is written for an electronic storefront.
The user will enter the ID of the item to be ordered, as well
as the quantity of units that they would like to purchase.
The program will then look up the price for the
item using a predefined function, getPriceByID(), and return
the total cost of the order.
*/
int getPriceByID(char *itemID); /* predefined elsewhere; declared here so the fragment compiles */
int getTotalCost(){
char itemID[9];

int price, unitsOrdered, cost;
printf("Please enter the 9-digit ID of the item to be ordered: ");
scanf("%s", &itemID);
/* lookup the price according to the itemID */
price = getPriceByID(itemID);
printf("Please enter the quantity of units to be ordered: ");
scanf("%d", &unitsOrdered);
cost = price * unitsOrdered;
return cost;
}


(c) #include <stdio.h>
#include <string.h> /* strcpy/strcat */
/* The following function is intended to return a user's full name
by concatenating the user's first and last name into a single string
and then returning that string. */
char *getFullName(char *firstName, char *lastName, int MAX_LEN){
char fullName[MAX_LEN];
strcpy(fullName, firstName);
strcat(fullName, " ");
strcat(fullName, lastName);
return fullName;
}


(d) #include <stdio.h>
/* The following code snippet runs through the list of CLI arguments
entered and displays them to the console. */
int main(int argc, char *argv[]){
int i;
printf("You've entered the following arguments: ");
for(i = 0; i<argc; i++){
printf(argv[i]);
printf("\n");
}
/* ... */
}
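For fragments (b) and (c), an added hardened version follows. It is example code written for this page, not the question's or the textbook's code. It assumes a stand-in getPriceByID() that returns a price in cents for ID 123456789 and -1 for anything else (the storefront's real function is not shown), and a hypothetical total_cost_from_string() wrapper that feeds an in-memory input through fmemopen() so the logic can be exercised without a terminal. It replaces the unbounded scanf("%s") with a bounded fgets() plus strict validation of the nine-digit ID, rejects zero or negative quantities, checks the price multiplication for overflow, and rewrites getFullName() so the caller owns the buffer and snprintf() bounds the write instead of returning a pointer to a stack array:

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <limits.h>

/* Hypothetical stand-in for the storefront's predefined getPriceByID():
 * price in cents, or -1 for an unknown ID. Assumption, not the page's code. */
int getPriceByID(const char *itemID)
{
    return strcmp(itemID, "123456789") == 0 ? 1999 : -1;
}

/* Read one line into buf and strip the newline. Returns -1 on EOF/error or
 * if the line did not fit in buf (the rest of that line is discarded so the
 * overflow cannot be replayed into the next prompt). */
static int read_line(FILE *in, char *buf, size_t bufsz)
{
    if (fgets(buf, (int)bufsz, in) == NULL) return -1;
    size_t n = strcspn(buf, "\r\n");
    if (buf[n] == '\0' && !feof(in)) {      /* no newline seen: line too long */
        int c;
        while ((c = getc(in)) != EOF && c != '\n') ;
        return -1;
    }
    buf[n] = '\0';
    return 0;
}

/* (b) hardened: bounded ID read, strict validation, checked arithmetic.
 * Returns 0 and stores the total in *cost, or -1 on any invalid input. */
int get_total_cost(FILE *in, long *cost)
{
    char line[64];
    char itemID[10];                        /* 9 digits + NUL, never written past */

    if (read_line(in, line, sizeof line) != 0) return -1;
    if (strlen(line) != 9 || strspn(line, "0123456789") != 9) return -1;
    memcpy(itemID, line, sizeof itemID);    /* exactly 10 bytes incl. NUL */

    int price = getPriceByID(itemID);
    if (price < 0) return -1;

    if (read_line(in, line, sizeof line) != 0) return -1;
    errno = 0;
    char *end;
    long units = strtol(line, &end, 10);
    if (errno != 0 || end == line || *end != '\0') return -1;
    if (units <= 0) return -1;                              /* no zero/negative orders */
    if (price > 0 && units > LONG_MAX / price) return -1;   /* price * units would overflow */
    *cost = (long)price * units;
    return 0;
}

/* Hypothetical wrapper: run get_total_cost() over an in-memory input.
 * Returns the cost, or -1 on any failure. */
long total_cost_from_string(const char *input)
{
    FILE *in = fmemopen((void *)input, strlen(input), "r");
    if (in == NULL) return -1;
    long cost = -1;
    if (get_total_cost(in, &cost) != 0) cost = -1;
    fclose(in);
    return cost;
}

/* (c) hardened: the caller supplies dst, so no pointer to a dead stack
 * frame is returned, and snprintf() bounds the write. Returns 0 on success,
 * -1 if "first last" would not fit (dst is then the empty string). */
int get_full_name(char *dst, size_t dstsz, const char *first, const char *last)
{
    if (dstsz == 0) return -1;
    int need = snprintf(dst, dstsz, "%s %s", first, last);
    if (need < 0 || (size_t)need >= dstsz) { dst[0] = '\0'; return -1; }
    return 0;
}

static char name_buf[16];   /* scratch buffer for the demo in main() */

int main(void)
{
    /* Constructed inputs: a valid order, an overlong ID, a negative quantity. */
    printf("valid order: %ld\n", total_cost_from_string("123456789\n3\n"));
    printf("overlong id: %ld\n", total_cost_from_string("1234567890123\n1\n"));
    printf("negative qty: %ld\n", total_cost_from_string("123456789\n-2\n"));
    if (get_full_name(name_buf, sizeof name_buf, "Ada", "Lovelace") == 0)
        printf("%s\n", name_buf);
    if (get_full_name(name_buf, sizeof name_buf, "Augusta Ada", "King-Noel") != 0)
        printf("name does not fit in %zu bytes\n", sizeof name_buf);
    return 0;
}
```

The width-limited form scanf("%8s", itemID) would also stop the overflow in (b), but it still leaves the remainder of an overlong line queued for the quantity prompt, which is why the example reads whole lines and discards the excess. The overflow check divides rather than multiplies so the comparison itself cannot wrap.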

Step by Step Solution


Step: 1

(a) 1. int main(int argc, char *argv[]): argv is always an array of pointers in which each element points to com...
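For fragments (a) and (d), an added hardened version follows. It is example code written for this page, not the question's, the answerer's, or the textbook's code. It assumes the intended invocation is prog <password-file> <shell>, so the two inputs are taken from argv[1] and argv[2] rather than argv[0] (which is the program's own name). The password file is opened with O_CLOEXEC so its descriptor is closed by the kernel on exec and cannot leak into the alternative shell, fopen/open failures are checked, the shell path must be an absolute, executable regular file, execl() gets a properly cast NULL sentinel, and argv entries are printed as data through a fixed "%s" format rather than being used as the format string:

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>

/* Open the password file with O_CLOEXEC set atomically at open(2) time, so
 * the descriptor is closed on execve() and cannot be inherited by the shell.
 * Returns the descriptor, or -1 with errno set. */
int open_passwords_cloexec(const char *path)
{
    return open(path, O_RDONLY | O_CLOEXEC);
}

/* Report whether a descriptor carries FD_CLOEXEC: 1 yes, 0 no, -1 on error
 * (e.g. fd is not open). Handy as a pre-exec audit of every open fd. */
int fd_is_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags == -1) return -1;
    return (flags & FD_CLOEXEC) ? 1 : 0;
}

/* Accept a shell path only if it is absolute, a regular file, and executable.
 * An unchecked argv value would let the caller exec an arbitrary binary,
 * including one in the current directory. Returns 1 if acceptable, else 0. */
int shell_path_ok(const char *p)
{
    struct stat st;
    if (p == NULL || p[0] != '/') return 0;
    if (stat(p, &st) != 0 || !S_ISREG(st.st_mode)) return 0;
    return access(p, X_OK) == 0 ? 1 : 0;
}

/* (d) hardened: argv entries are data, never the format string. */
void show_args(int argc, char *argv[])
{
    puts("You've entered the following arguments:");
    for (int i = 0; i < argc; i++)
        printf("%s\n", argv[i]);        /* "%n" or "%x" inside argv[i] is now inert */
}

/* (a) hardened: explicit argc check, real argv indices, checked open,
 * close-on-exec descriptor, validated shell path, NULL-terminated execl. */
int main(int argc, char *argv[])
{
    if (argc != 3) {                    /* argv[0] is the program name, not user data */
        fprintf(stderr, "usage: %s <password-file> <shell>\n", argv[0]);
        return 1;
    }
    const char *filePath  = argv[1];
    const char *shellPath = argv[2];

    int fd = open_passwords_cloexec(filePath);
    if (fd < 0) { perror("open"); return 1; }
    FILE *passwords = fdopen(fd, "r");
    if (passwords == NULL) { perror("fdopen"); close(fd); return 1; }
    /* Read the password and do something with it */
    /* . . . */
    fclose(passwords);                  /* also close explicitly, before any exec */

    if (!shell_path_ok(shellPath)) {
        fprintf(stderr, "refusing to exec %s\n", shellPath);
        return 1;
    }
    show_args(argc, argv);
    execl(shellPath, "shell", (char *)NULL);   /* cast: execl is variadic */
    perror("execl");                    /* only reached if exec failed */
    return 1;
}
```

If a program like (a) is installed setuid, it should also drop privileges (for example setuid(getuid())) before execl(), otherwise the alternative shell inherits them regardless of which descriptors were closed.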
