
INFORMATION TECH.PROJECT...-W/MINDTAP
9th Edition
ISBN: 9781337586801
Author: SCHWALBE
Publisher: CENGAGE L
expand_more
expand_more
format_list_bulleted
Question
error_outline
This textbook solution is under construction.
Students have asked these similar questions
In each of the following C code snippets, there are issues that can prevent the compilerfrom applying certain optimizations. For each snippet:• Circle the line number that contains compiler optimization blocker.• Select the best modification to improve optimization.1. Which line prevents compiler optimization? Circle one: 2 3 4 5 6Suggested solution:• Remove printf or move it outside the loop.• Remove the loop.• Replace arr[i] with a constant value.1 int sum( int ∗ ar r , int n) {2 int s = 0 ;3 for ( int i = 0 ; i < n ; i++) {4 s += a r r [ i ] ;5 p r i n t f ( ”%d\n” , s ) ;6 }7 return s ;8 }2. Which line prevents compiler optimization? Circle one: 2 3 4 5 6Suggested solution:• Move or eliminate do extra work() if it’s not necessary inside the loop.• Remove the loop (but what about scaling?).• Replace arr[i] *= factor; with arr[i] = 0; (why would that help?).1 void s c a l e ( int ∗ ar r , int n , int f a c t o r ) {2 for ( int i = 0 ; i < n ; i++) {3 a r r [ i ] ∗= f a c t o r…
123456
A ROP (Return-Oriented Programming) attack can be used to execute arbitrary
instructions by chaining together small pieces of code called "gadgets." Your goal is
to create a stack layout for a ROP attack that calls a function located at 'Ox4018bd3'.
Below is the assembly code for the function 'getbuf, which allocates 8 bytes of stack
space for a 'char' array. This array is then passed to the 'gets' function. Additionally,
you are provided with five useful gadgets and their addresses. Use these gadgets to
construct the stack layout.
Assembly for getbuf
1 getbuf:
sub
mov
$8, %rsp
%rsp, %rdi
call
gets
add
$8, %rsp
6
ret
#Allocate 8 bytes for buffer
#Load buffer address into %rdi
#Call gets with buffer
#Restore the stack pointer
#Return to caller
Stack
each
Layout (fill
in
Gadgets
8-byte
section)
Address Gadget
Address Value (8 bytes)
0x7fffffffdfc0
0x7fffffffdfb8
0x7fffffffdfb0
0x7fffffffdfa8
0x7fffffffdfa0
0x7fffffffdf98
0x7fffffffdf90
0x7fffffffdf88
Original
0x4006a7 pop %rdi;…
Character Hex value || Character Hex value | Character Hex value
'A'
0x41
יני
Ox4a
'S'
0x53
0x42
'K'
0x4b
'T"
0x54
0x43
'L'
Ox4c
0x55
0x44
'M'
Ox4d
0x56
0x45
'N'
Ox4e
'W'
0x57
0x46
Ox4f
'X'
0x58
0x47
'P'
0x50
'Y'
0x59
'H'
0x48
'Q'
0x51
'Z'
Охба
'T'
0x49
'R'
0x52
'\0'
0x00
Now consider what happens on a Linux/x86 machine when callfoo calls foo with
the input string "ZYXWVUTSRQPONMLKJIHGFEDCBA".
A. On the left draw the state of the stack just before the execution of the instruction
at address Ox40053a; make sure to show the frames for callfoo and foo and
the exact return address, in Hex at the bottom of the callfoo frame.
Then, on the right, draw the state of the stack just after the instruction got
executed; make sure to show where the string "ZYXWVUTSRQPONMLKJIHGFEDCBA"
is placed and what part, if any, of the above return address has been overwritten.
B. Immediately after the ret instruction at address 0x400543 executes, what is
the value of the program counter register %rip? (That is…
Knowledge Booster
Similar questions
- Draw out the way each of these structs looks in memory, including padding! Number the offsets in memory. 1 struct okay Name 2 { short a; 3 4 long number; 5 int also_a_number; 6 7 }; char* text; 1 struct badName 2 { 3 4 5 }; short s; struct okay Name n;arrow_forwardYou can create your own AutoCorrect entries. Question 19Select one: True Falsearrow_forwardBy default, all text is formatted using the Normal Style. Question 20Select one: True Falsearrow_forward
- Node.js, Express.js, MongoDB, and Mongoose: Create, Read, Update, and Delete Operations There is a program similar to this assignment given as the last example, CRUD, in the lecture notes for the week that discusses the introduction to MongoDB. Basically, you need to adapt this example program to the data given in this assignment. This program will take more time that previous assignments. So, hopefully you'll start early and you've kept to the schedule in terms of reading the lecture notes. You can use compass if you want to create this database. Or, when your connection string in the model runs it will create the database for you if one does not yet exist. So, ⚫ create a Mongoose model based on the info given below. The index.html page is given in the same folder as these notes. • When you successfully run index.js and instantiate the model, your database is created. • Once the database is created, you need to perfect the addCar route so you can add data using the index.html page. •…arrow_forward1. Enabled with SSL, HTTPS protocol is widely used to provide secure Web services to Web users using Web browsers on the Internet. How is a secure communication channel established at the start of communication between a Web server running HTTPS and a Web browser? Consider the following threats to Web security and how each of these threats is countered by a particular feature of SSL. Man-in-the-middle attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client. Password sniffing: Passwords in HTTP or other application traffic are “eavesdropped.” SYN flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the “half-open” connection around for a few minutes. Repeated SYN messages can clog the TCP module.arrow_forwardSQL Injection on UPDATE Statement for educational purpose only Based on the information below how do i update this code in order to update the emplyees field, eg admin nickname, email,address, phone number etc? ' ; UPDATE users SET NickName='Hacked' WHERE role='admin' -- If a SQL injection vulnerability happens to an UPDATE statement, the damage will be more severe, because attackers can use the vulnerability to modify databases. In our Employee Management application, there is an Edit Profile page (Figure 2) that allows employees to update their profile information, including nickname, email, address, phone number, and password. To go to this page, employees need to log in first. When employees update their information through the Edit Profile page, the following SQL UPDATE query will be executed. The PHP code implemented in unsafe edit backend.php file is used to update employee’s profile information. The PHP file is located in the /var/www/SQLInjection directory.arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Information Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
- Fundamentals of Information SystemsComputer ScienceISBN:9781337097536Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningManagement Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning

Information Technology Project Management
Computer Science
ISBN:9781337101356
Author:Kathy Schwalbe
Publisher:Cengage Learning

Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning

Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning

Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning

Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,

Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning