Tag: security

Questions Related to security

int main (int argc, char *argv[]){
    char chararray[3];
    int intarray[3];
    int i;
    strncpy(chararray, argv[1], sizeof(chararray) - 1);
    for (i=0;i<=3; i++){ /*1*/   chararray[i]= getchar();
        intarray[i]=i*i;/*2*/
    }
}

Is there a vulnerability in this code? If yes, which line(s) (Line numbers are marked using comments /* */)?

technology security

  1. 1

  2. 2

  3. 1 & 2

  4. No vulnerability

Show answer
Correct Option: A

AI Explanation

To answer this question, let's analyze the code and identify any potential vulnerabilities.

The vulnerability in this code lies in line 1, marked by the comment /1/.

In line 1, the code attempts to read characters from the standard input using getchar() and store them in the chararray array. However, the chararray array has a size of 3, which means it can only hold three characters (including the null terminator). If the user enters more than three characters, this will result in a buffer overflow, causing undefined behavior and potentially leading to a security vulnerability.

To fix this vulnerability, the chararray array should have a size that is large enough to accommodate the maximum number of characters it needs to store, plus one for the null terminator. For example, if the maximum input size is 10 characters, the array declaration should be char chararray[11]; (10 characters + 1 null terminator).

Therefore, the correct answer is A) 1.

The options show various uses of strncpy. Choose which use of strncpy is most secure while not wasting storage space at dst? Src is an untrusted input obtained from an external source.
technology security

  1. Strncpy(dst,src,len(dst))

  2. Strncpy(dst,src,len(src)+1)

  3. Strncpy(dst,src,len(dst)+1)

  4. Strncpy(dst,src,len(dst)-1)

Show answer
Correct Option: D

Which of the following is a secure way to use scanf?

technology security

  1. scanf("%.8s", name);

  2. scanf("%8s", name);

  3. scanf("%8c", name);

  4. scanf("%s", name);

Show answer
Correct Option: B

How do you fix the unbounded string copy in the following code? 

char fname[20];   /* 1 */ 
cout << “Enter First Name:”; /* 2 */ 
cin >> fname ;   /* 3 */
technology security

  1. Replace cin call in line 3 with gets() function.

  2. The length of input from cin cannot be limited. Use a larger array for fname.

  3. Use cin.width[20] before line 3.

  4. Use cin.size[19] before line 3.

Show answer
Correct Option: C

While trying to print an eight character long name, which of the following will introduce a security vulnerability ? 

printf ("%.8s",name); /* 1 */
printf (name);  /* 2 */ 
printf ("%s",name);  /* 3 */ 
printf ("%8c", name);  /* 4 */
technology security

  1. 1 and 2

  2. 2 and 3

  3. 3 and 4

  4. only 2

Show answer
Correct Option: B 
int main(int argc,char* argv[]) {
    int *ptr1=new int;
    if(ptr1==NULL)    exit(1);
    int *ptr2=new int;
    if(ptr2==NULL)    exit(1);
    char* j;
    j=argv[1];
    int k=atoi(j);
    if (j==0){
        Ptr1=&k;
        delete ptr2;  /*1*/
    }
    else {
        Ptr2=&k;
    }
    delete ptr1;  /*2*/  
    delete ptr2; /*3*/   
    return 0;
}

which line of the code should be deleted to remove vulnerability
technology security

  1. line 1 and line 3

  2. line 2 and line 3

  3. line 1

  4. line 3

Show answer
Correct Option: C

char *name="32000"; What will be sizeof(name) return?
technology security

  1. 4 - it is the size of the pointer

  2. 5 - it is the number of characters in the string that the pointer points to

  3. 4 - it is the size when 32000 is stored as integer

  4. 1 - it is the size of a character variable

Show answer
Correct Option: A 
int main(int argc,char* argv[]){
    int *ptr=new int;
    if(ptr==NULL)   exit(1);
    char *j;
    for(int i=1; i<=4;  i++) {
        j=argv[i];
        int k=atoi(j);
        if (k!=0){
            *ptr=k;
            delete ptr;
        }
    }
}

Will this program execute successfully ?

technology security

  1. program works when there is only 1 argument with program.

  2. program works when there are 3 arguments with program.

  3. program works when there are 4 arguments with program.

  4. program never executes successfully.

Show answer
Correct Option: D 
unsigned int i; 
scanf("%u",&i);

With the size of unsigned integers being 4 bytes, What happens when a negative number is entered?
technology security

  1. A run-time error is encountered and the program aborts.

  2. unsigned int variables cannot store the sign (+ or -) of the number. The sign is discarded and only the number is stored in i.

  3. A large positive number will be stored in i.

  4. Unsigned int variables cannot store signed numbers. Hence in this program i will contain garbage values.

Show answer
Correct Option: C 
int i=987987987;
int j= i*10;

what is the value of j (size of integer is 4 bytes)?
technology security

  1. 1289945278

  2. garbage. Integer j cannot hold such large values

  3. 9879879870

  4. Program is aborted.

Show answer
Correct Option: A