Answered step by step
Verified Expert Solution
Question
1 Approved Answer
ASCII TABLE QUESTION 4 A user program written in C/C+ language has among its code, a variable A declared as an 8 byte
ASCII TABLE QUESTION 4 A user program written in C/C+ language has among its code, a variable " A " declared as an 8 byte long string buffer. When the program is compiled, the variable "A" is initialized with a null string and given a memory location which happens to lie adjacent to a memory location that was reserved for an operating system code containing the 4-byte pattern " 001C000A " (in hexadecimal), as illustrated in Table 1 below. In context, this 4-byte pattern represents two parts: the first 2-byte code " 001C " is an instruction telling the processor to jump to a number of memory locations forward given by the second 2-byte code. Therefore, as an example the 4-byte code " 001C000A " means processor must jump to 000A (or 10 in decimal) memory locations forward. Typically, older generation high-level programming languages like C/C+ do not provide any built-in protection against accessing or overwriting data in any part of the RAM memory or that can automatically check data written to a buffer's memory is within the bounds of the declared variable, unless specified by the programmer's own codes. Assume the programmer did not develop any additional code to check the length of a string that may be inserted by a user to update the "A " variable. a) If the program above attempts to store a string say, "Securities " as the value for "A "variable, update the new contents of all the memory locations in Table 1 below. b) Determine what would subsequently happen when the user program is executed by the processor after the above string in 4 (a) is stored in the respective memory locations. (6 marks) c) Assess how an attacker could exploit this as a vulnerability for him/her to develop a malicious code. Describe TWO (2) types of harm it can cause to the program or IT system. (9 marks)
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started