# HG changeset patch # User Christian Urban # Date 1475618164 -3600 # Node ID e4a2807ac7f2ebe9400c31dd46efee57976a5bc7 # Parent da4896f201b56897301d1d640e87a9a319a619a3 updated diff -r da4896f201b5 -r e4a2807ac7f2 handouts/ho03.pdf Binary file handouts/ho03.pdf has changed diff -r da4896f201b5 -r e4a2807ac7f2 handouts/ho03.tex --- a/handouts/ho03.tex Tue Oct 04 22:43:00 2016 +0100 +++ b/handouts/ho03.tex Tue Oct 04 22:56:04 2016 +0100 @@ -39,9 +39,9 @@ ylabel={\% of total attacks}, ylabel style={yshift=-1em}, enlargelimits=false, - xtick={1997,1999,2001,...,2015}, + xtick={1997,2000,2002,...,2016}, xmin=1996.5, - xmax=2016, + xmax=2017, ymax=21, ytick={0,5,...,20}, scaled ticks=false, @@ -404,10 +404,10 @@ \begin{figure}[p] \lstinputlisting[language=C]{../progs/C2.c} -\caption{A vulnerable login implementation. The use of the -`own' \pcode{get\_line} function makes this program -vulnerable. The developer should have used \emph{safe} -library functions instead.\label{C2}} +\caption{A vulnerable login implementation. The use of the `own' + \code{get\_line} function makes this program vulnerable. The + developer should have used \emph{safe} library functions + instead.\label{C2}} \end{figure} This kind of attack was very popular with commercial programs @@ -566,10 +566,9 @@ \begin{figure}[p] \lstinputlisting[language=C]{../progs/C3.c} \caption{Overwriting a buffer with a string containing a -payload. Lines 14 and 15 write the address of the buffer -into \pcode{large\_string}. The payload is copied in -Lines 17 and 18. Line 20 copies the (too large) string -into the buffer.\label{C3}} + payload. Lines 14 and 15 write the address of the buffer into + \code{large\_string}. The payload is copied in Lines 17 and 18. Line + 20 copies the (too large) string into the buffer.\label{C3}} \end{figure} By the way you might naw have the question how do attackers