CS 419: Security Threats and Interactions

Questions and Answers

What is the potential issue with the line numSyms += ((JBIG2SymbolDict *)seg)->getSize();?

• Integer overflow (correct)
• Null pointer dereference
• Use of uninitialized variable
• Memory leak

What type of attack is being described in the slide Command injection attacks: Input Sanitization?

• Code injection
• Command injection (correct)
• SQL injection
• Cross-site scripting

What is the primary goal of input sanitization in command injection attacks?

• To improve system performance
• To prevent buffer overflow
• To prevent malicious input from being executed (correct)
• To limit the damage of an attack

What is the difference between command injection and code injection?

Command injection executes commands, while code injection executes arbitrary code (B)

What is the vulnerability in the SQL query sprintf(buf, "SELECT * WHERE user='%s' AND query='%s';", uname, query);?

SQL injection (D)

What is the consequence of the SQL injection attack in the example?

The attacker gains unauthorized access to the system (B)

What is the purpose of confinement in system security?

To limit the damage of an attack (A)

What is the role of containers in system security?

To provide an additional layer of confinement (D)

What is the common goal of system-related vulnerabilities?

To gain unauthorized access to the system (D)

What is the primary concern in the code syms = (JBIG2Bitmap **)gmallocn(numSyms, sizeof(JBIG2Bitmap *));?

Integer overflow (C)