[Science/Engineering] NCTU OS

Board: Grad-ProbAsk  Author: (uniqlong)  Time: 10 years ago (2014/02/06 22:11)  Push/boo: 1(1019)
20 comments, 3 participants, latest thread 1/1

NCTU 101

    #include <string.h>

    int main(int argc, char *argv[]) {
        char buffer[256];
        if (argc < 2)
            return -1;
        else {
            /* copy the first command-line argument into buffer */
            strcpy(buffer, argv[1]);
            return 0;
        }
    }

(a) signature-based anti-virus software is able to detect mutated malware
(b) signature-based anti-virus software is able to detect privacy stealing malware
(c) cryptosystems are based on computation complexity
(d) port scanning is a means for a cracker to detect a system's vulnerability to attack
(e) the program is vulnerable to buffer-overflow attack

I'd like to ask what the code means and about each of the options. I have no idea where to start.
Also the usage of strcpy, and of strcopy and strncpy in NCTU 102 Q7.
Sorry, I have never learned C. Thanks a lot, everyone!!

--
Sent from my Android
--
※ Origin: PTT (ptt.cc) ◆ From: 101.12.255.192

02/06 23:21, 1F
strncpy can take an int at the end, which is the number of characters to copy; strcpy

02/06 23:21, 2F
on the other hand copies the characters of the latter argument, up to \0, into the former pointer

02/07 00:00, 3F
The keyword is buffer overflow attack; I think it's in the security part of the dinosaur book, chapters 14 and 15

02/07 00:02, 4F
Actually the principle is super simple… probably because I took an information security course. The code is basically copy-pasted ==

02/07 07:41, 5F
Thanks to the two above~~

02/07 07:43, 6F
a and b both seem to be wrong, so what can signature based anti-virus software

02/07 07:43, 7F
actually detect

02/07 07:44, 8F
Is e indirectly saying that the program is insecure?

02/07 07:45, 9F
And e seems to be correct

02/07 07:49, 10F
NCTU 102 Q7 gave the same program and asked to choose what avoids the security problem

02/07 07:50, 11F
The answer seems to be d, strcpy(buffer,argv[1],sizeof(buffer)+1)

02/07 07:51, 12F
Please help explain what it means, thanks

02/07 07:52, 13F
The above should be sizeof(buffer)-1, sorry for the typo

02/07 12:02, 14F
Signature detects intrusions with known behavior, so a and b are wrong; it should be changed to anomaly

02/07 12:04, 15F
which detects anything abnormal. And e is indeed insecure; strcpy has to be replaced like in 102

02/07 12:04, 16F
Actually there is more than one way to prevent buffer overflow; there are several others that the dinosaur book doesn't say much about

02/07 12:06, 17F
It spends more on the principle, so I suggest reading it. Asking what the code means isn't much use == because it's exactly the same code

02/07 12:06, 18F
The security course teaches several XD. Changing it to strncpy is the simplest; understanding the principle is more important

02/07 16:00, 19F
Thank you very much for the answers

02/07 16:00, 20F
I think I'd better just give up~~
Article ID (AID): #1IyvWISF (Grad-ProbAsk)
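
Added example, not part of the original thread: the exam program with the unbounded strcpy replaced by the strncpy(..., sizeof(buffer)-1) form mentioned in the comments, plus the explicit terminator that strncpy itself does not write when the source is too long. The names bounded_copy, handle_arg and BUF_SIZE are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 256   /* same size as buffer[] in the exam program */

/* Hypothetical helper (not from the thread): bounded copy of src into dst.
 * Returns 0 if src fit completely, -1 if it had to be truncated. */
int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    /* Copy at most dst_size-1 bytes: the last byte is reserved for '\0'. */
    strncpy(dst, src, dst_size - 1);
    /* strncpy writes no terminator when src has dst_size-1 or more
     * characters, so terminate explicitly. */
    dst[dst_size - 1] = '\0';
    return strlen(src) < dst_size ? 0 : -1;
}

/* The exam program's logic with strcpy replaced; over-long input is rejected
 * instead of being written past the end of buffer. */
int handle_arg(int argc, char *argv[])
{
    char buffer[BUF_SIZE];
    if (argc < 2)
        return -1;
    if (bounded_copy(buffer, sizeof(buffer), argv[1]) != 0) {
        fprintf(stderr, "argument longer than %d bytes, rejected\n",
                BUF_SIZE - 1);
        return -1;
    }
    return 0;
}

int main(int argc, char *argv[])
{
    return handle_arg(argc, argv);
}
```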