Computers and Technology, 24.06.2019 21:30 keelynnbarrier
Computer security/cybersecurity1) each of the following code fragments contains a number of security vulnerabilities. for each fragment, identify these security vulnerabilities and, for each vulnerability, discuss at least one way that it could be improved. note that in your discussion of how each vulnerability could be improved, you do not need to re-write a new version of the program in c; simply discuss your solution, either in pseudocode or in 1-2 sentences. a) /* file descriptor leak */#include #include int main(int argc, char *argv[]){ char *filepath = argv[0]; char *shellpath = argv[1]; file *passwords; passwords = fopen(filepath, "r"); /* read the password and do something with it */ /* . . */ /* fork and execute alternative shell */ execl(shellpath, "shell", null); }b)#include /* assume the following function is written for an electronic storefront. the user will enter the id of the item to be ordered, as well as the quantity of units that they would like to purchase. the program will then lookup the price for the price for the item using a predefined function, and return the total cost of the order.*/int gettotalcost(){ char itemid[9]; int price, unitsordered, cost; printf(" enter the 9-digit id of the item to be ordered: "); scanf("%s", & itemid); /* lookup the price according to the itemid */ price = getpricebyid(itemid); printf(" enter the quantity of units to be ordered: "); scanf("%d", & unitsordered); cost = price * unitsordered; return cost; }c)#include /* the following function is intended to return a user's full name by concatenating the user's first and last name into a single string and then returning that string. */char *getfullname(char *firstname, char *lastname, int max_len){ char fullname[max_len]; strcpy(fullname, firstname); strcat(fullname, " "); strcat(fullname, lastname); return fullname; }d)#include /* the following code snippet runs through the list of cli arguments entered and displays them to the console. */int main(int argc, char *argv[]){ int i; printf("you've entered the following arguments: "); for(i = 0; i < argc; i++){ print(argv[i]); printf("\n"); } /* */}
Answers: 2
Another question on Computers and Technology
Computers and Technology, 21.06.2019 20:50
What does operator overloading allow you to do?
Answers: 2
Computers and Technology, 22.06.2019 00:30
Advantages and disadvantages of binary system
Answers: 1
Computers and Technology, 23.06.2019 18:30
The computers in the sales department did not have enough data storage capacity to contain all the information the department needed to store, and it was taking a long time for team members to access the data they needed. to fix the problem, the technician installed new, larger hard drives on all the computers.
Answers: 1
Computers and Technology, 23.06.2019 19:30
Anul 2017 tocmai s-a încheiat, suntem trişti deoarece era număr prim, însă avem şi o veste bună, anul 2018 este produs de două numere prime, 2 şi 1009. dorel, un adevărat colecţionar de numere prime, şi-a pus întrebarea: “câte numere dintr-un interval [a,b] se pot scrie ca produs de două numere prime? “.
Answers: 3
You know the right answer?
Computer security/cybersecurity1) each of the following code fragments contains a number of security...
Questions
English, 08.10.2019 21:30
Mathematics, 08.10.2019 21:30
English, 08.10.2019 21:30
Mathematics, 08.10.2019 21:30
Arts, 08.10.2019 21:30
Mathematics, 08.10.2019 21:30
Advanced Placement (AP), 08.10.2019 21:30
Mathematics, 08.10.2019 21:30
Arts, 08.10.2019 21:30
Mathematics, 08.10.2019 21:30
History, 08.10.2019 21:30
