Tag: security

Questions Related to security

What vulnerability is present in following code: unsigned char j,k; j=getchar(); k=getchar(); unsigned char result = j + k;
technology security

  1. Heap Overflow

  2. Integer overflow

  3. Buffer overflow

  4. No Vulnerability

Show answer
Correct Option: B

Which statement creates a buffer over flow? #include #include #include int main (int argc, char *argv[]) { int i=0,j=1; char ipstring[80]; for (;i<=3;i++){ cout<

technology security

  1. j=getchar();

  2. gets(ipstring);

  3. Both

  4. None

Show answer
Correct Option: B

In this code, x is freed twice. What is the risk of this code? x = malloc(200); /* do something with x / free(x); / do something else */ free(x);
technology security

  1. This is a double free vulnerability and must be fixed

  2. The second call to free() will return an error

  3. There might be compiler warnings, but the program will run fine

  4. This is not a security issue

Show answer
Correct Option: A

Is there a vulnerability in this code? If yes, which line(s) int main (int argc, char argv[]){ char chararray[3]; int intarray[3]; int i; strncpy(chararray, argv[1], sizeof(chararray) - 1); for (i=0;i<=3;i++){ /*1/ chararray[i]= getchar(); intarray[i]=i*i; /2/ } }

technology security

  1. for (i=0;i<=3;i++)

  2. intarray[i]=i*i;

  3. Both

  4. None

Show answer
Correct Option: A

What is the vulnerability ? int main (int argc, char *argv[]){ char k[3]; int i=0,j=1; char buffer[50]; strncpy(buffer, argv[1], sizeof(buffer) - 1); buffer[49]='/0'; unsigned char ch='a'; k[0]=1; do{ i++; k[i]=ch+i; } while(i<3); return 0; }

technology security

  1. Heap overflow

  2. Integer overflow

  3. Off by one error

  4. None

Show answer
Correct Option: C

The options show various uses of strncpy. Choose which use of strncpy is most secure while not wasting storage space at dst? Src is an untrusted input obtained from an external source.

technology security

  1. strncpy(dst,src,len(dst))

  2. strncpy(dst,src,len(src)+1)

  3. strncpy(dst,src,len(dst)+1)

  4. strncpy(dst,src,len(dst)-1)

Show answer
Correct Option: D

While trying to print an eight character long name, which of the following will introduce a security vulnerability ? printf ("%.8s",name); /* 1 / printf (name); / 2 / printf ("%s",name); / 3 / printf ("%8c", name); / 4 */

technology security

  1. printf ("%.8s",name); AND printf (name);

  2. printf (name); AND printf ("%s",name);

  3. printf ("%s",name); AND printf ("%8c", name);

  4. printf (name);

Show answer
Correct Option: B

AI Explanation

To answer this question, we need to understand how the printf function works and how it handles formatting and printing strings.

Option A) printf ("%.8s",name); AND printf (name); The first printf statement uses the format specifier "%.8s" which limits the output to a maximum of 8 characters. This ensures that only the first 8 characters of the name are printed. The second printf statement does not have a format specifier, so it will print the entire string. This combination is safe and does not introduce a security vulnerability.

Option B) printf (name); AND printf ("%s",name); The first printf statement does not have a format specifier, so it will print the entire string. This can be a security vulnerability if the name contains a format string that can be exploited. The second printf statement uses the format specifier "%s" which is safe and will print the entire string. This combination introduces a security vulnerability because the first printf statement does not limit the output.

Option C) printf ("%s",name); AND printf ("%8c", name); Both printf statements in this option use safe format specifiers. The first printf statement ("%s") will print the entire string, and the second printf statement ("%8c") will print the first character of the name followed by 7 spaces. This combination is safe and does not introduce a security vulnerability.

Option D) printf (name); This option does not have a format specifier, so it will print the entire string. This can be a security vulnerability if the name contains a format string that can be exploited.

Based on the explanations above, option B is the correct answer. This combination of printf statements introduces a security vulnerability because the first printf statement does not limit the output.

Which of the following is a secure way to use scanf?

technology security

  1. scanf("%.8s", name);

  2. scanf("%8s", name);

  3. scanf("%8c", name);

  4. scanf("%s", name);

Show answer
Correct Option: B

Which line of the code should be deleted to remove vulnerability? int main(int argc,char* argv[]) { int ptr1=new int; if(ptr1==NULL) exit(1); int *ptr2=new int; if(ptr2==NULL) exit(1); char j; j=argv[1]; int k=atoi(j); if (j==0){ Ptr1=&k; delete ptr2; /1/ } else { Ptr2=&k; } delete ptr1; /2/ delete ptr2; /3/ return 0; }
technology security

  1. delete ptr2; (within if loop) AND delete ptr1;

  2. delete ptr1; AND delete ptr2; (outside if loop )

  3. delete ptr2; (within if loop)

  4. delete ptr2; (outside if loop )

Show answer
Correct Option: C

What will be sizeof(name) return? char *name="32000";

technology security

  1. 4 - it is the size of the pointer

  2. 5 - it is the number of characters in the string that the pointer points to

  3. 4 - it is the size when 32000 is stored as integer

  4. 1 - it is the size of a character variable

Show answer
Correct Option: A