<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Hi,</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
>From my quick research, it looks like gcc has a flag to detect stack smashing, which may be default. After work I'll try to reproduce the issue shown in the first link below and get back to you.<br>
<br>
The third link has some stuff about string manipulation and other attacks. You may find it interesting, although you might already be familiar with most of it.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
I'm quite interested in learning security as well, so if you find anything cool or have good references please share!</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Cheers,</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Charles</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<a href="https://www.thegeekstuff.com/2013/02/stack-smashing-attacks-gcc/" id="LPNoLPOWALinkPreview_0">https://www.thegeekstuff.com/2013/02/stack-smashing-attacks-gcc/</a><br>
</div>
<div class="_Entity _EType_OWALinkPreview _EId_OWALinkPreview_0 _EReadonly_1"></div>
<br>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<a href="https://wiki.osdev.org/Stack_Smashing_Protector" id="LPNoLPOWALinkPreview_1">https://wiki.osdev.org/Stack_Smashing_Protector</a><br>
</div>
<div class="_Entity _EType_OWALinkPreview _EId_OWALinkPreview_1 _EReadonly_1"></div>
<div><a href="http://www.sis.pitt.edu/jjoshi/courses/IS2620/Spring07/Lecture3.pdf" id="LPNoLPOWALinkPreview_2">http://www.sis.pitt.edu/jjoshi/courses/IS2620/Spring07/Lecture3.pdf</a><br>
</div>
<div><br>
</div>
<div class="_Entity _EType_OWALinkPreview _EId_OWALinkPreview_2 _EReadonly_1"></div>
<br>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> cs631apue-bounces@lists.stevens.edu <cs631apue-bounces@lists.stevens.edu> on behalf of Liam Brew <lbrew@stevens.edu><br>
<b>Sent:</b> Tuesday, September 1, 2020 9:05 AM<br>
<b>To:</b> cs631apue@lists.stevens.edu <cs631apue@lists.stevens.edu><br>
<b>Subject:</b> [cs631apue] Test Cases and C Vulnerabilities</font>
<div> </div>
</div>
<style>
<!--
@font-face
{font-family:"Cambria Math"}
@font-face
{font-family:Calibri}
p.x_MsoNormal, li.x_MsoNormal, div.x_MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif}
a:link, span.x_MsoHyperlink
{color:#0563C1;
text-decoration:underline}
span.x_EmailStyle17
{font-family:"Calibri",sans-serif;
color:windowtext}
.x_MsoChpDefault
{font-family:"Calibri",sans-serif}
@page WordSection1
{margin:1.0in 1.0in 1.0in 1.0in}
div.x_WordSection1
{}
-->
</style>
<div lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="x_WordSection1">
<p class="x_MsoNormal">Hello all,</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">It was nice to meet everyone yesterday. I’m looking forward to a good semester together. As this is my first course that deals primarily with C, I was wondering how this language’s code is typically evaluated in an academic setting. While
I assume test cases such as erroneous inputs are very likely, I’m not sure about more malicious ones such as stack smashing/overflows, string manipulations, and so on. If anyone can chime in with their experiences, maybe we can compile a solid list of cases
to consider so that there are less surprises grading-wise. </p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">Thanks! See you soon.</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">-----------------------</p>
<p class="x_MsoNormal">Very respectfully, </p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal"><a href="https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Flbrew%2F&data=02%7C01%7Ccmagyar%40stevens.edu%7C7ff8742070124753afe208d84e90d2cb%7C8d1a69ec03b54345ae21dad112f5fb4f%7C0%7C0%7C637345731247989854&sdata=DDrLiPvJ7zZwlpMMTl8FtgiN4X%2FHSnA7MWIZd%2Fs0PEI%3D&reserved=0" originalsrc="https://www.linkedin.com/in/lbrew/" shash="Tfrxr/0bfhI0NJG3N19IpvVrN6xLrfZiIdJqbA6XyFZazHv6DRrl9cSahMl2Cjv7IYWgmw+uZ9zzI5p6Z018UnRGx7TtiaETf3S1+Vgs3WvenbMZM7yN9NvHAIEkn216b0MFCoEd+7quNTFkiNCFxabcX9IzsRobn+yo2tOooiY="><span style="text-decoration:none">Liam
Brew</span></a></p>
<p class="x_MsoNormal">B.E. Software Engineering 2021</p>
<p class="x_MsoNormal"> </p>
</div>
</div>
</body>
</html>