P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg titulka
Check your input
Homework II.
PA193 – Secure coding
•Petr Švenda
•Lukáš Němec
•Faculty of Informatics, Masaryk University, Brno, CZ
D:\Documents\Obrázky\services_icon_full_bw5.jpg

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Input
•TLV string
•Example: 0E F1 05 FA 12 A3 D5 B8
•
•Type – 2 bytes
•Length – 1 byte
•Value – n bytes
•
•Input as command line arguments - (int argc, char *argv[])
•Program will be executed as ./main 0E F1 05 FA 12 A3 D5 B8
•
2

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Task
•Create program that accepts described input
•Process it any way you like (save, print, etc …)
•MAX filesize is 1 KB – strictly
•Use plain C
•Make as many logically different input processing bugs / mistakes •Program must compile without
errors on aisa    using gcc -std=c99 (any amount of warnings is permitted)
•
•
3

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
What to submit
•Upload your solution to IS homework vault
–Two files
–main.c – your program, max filesize 1 KB
–Text – description of your program (pdf or txt)
•Discuss each individual introduced bug
–Why it is a bug
–What consequences of the bug
–How to fix it (e.g. replace gets with fgets)
•Deadline: 20.10.2016 23:59 (full number of 7 points)
–Every additional 24h started means 2 points penalization
4