From d00cb4786258798ee8a50954c113be5c4c190188 Mon Sep 17 00:00:00 2001 From: Matt Strapp Date: Wed, 20 Oct 2021 13:35:01 -0500 Subject: start Q3 --- csci5271/hw2/ex2-template.tex | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) (limited to 'csci5271') diff --git a/csci5271/hw2/ex2-template.tex b/csci5271/hw2/ex2-template.tex index 96eca28..7d81f41 100644 --- a/csci5271/hw2/ex2-template.tex +++ b/csci5271/hw2/ex2-template.tex @@ -4,20 +4,9 @@ \begin{document} \begin{center} -CSci 5271 Fall 2021 Exercise Set 2 answers template +CSci 5271 Fall 2021 Exercise Set 2 answers \end{center} -Please use this as a template for submitting your answers to -exercise set 2. (This template is available from the course web site -in either LaTeX or Google Doc formats). Type your answers on each page -after the question prompt (you can use additional pages, though that -we expect that would rarely be required). If you can write all your -answers electronically, please do so and export to a PDF to submit. -If you would prefer to hand-draw figures, you can also submit a scan. - -Please ensure that the names and UMN email addresses of all of your -group members are recorded on Gradescope, and also confirm them below: - \vspace{10pt} \begin{tabular}{|p{2.6in}|p{2.6in}|}\hline @@ -37,7 +26,8 @@ Example input that causes a buffer overflow: A list of invariants for the transform function: \begin{itemize} \item bp is increased by one for every opening brace or bracket and goes down by one for every closing brace or bracket. (this gets violated) - \item + \item The brace/bracket level is equal to the number of opening braces or brackets respectively minus the number of closing brackets. + \item The rotation level is increased by 13 for every opening curly brace, resetting to 0 when equal to 26. \end{itemize} The change that needs to be made is to make sure that bp decrements when there is an opening curly brace regardless of the rotate amount. @@ -53,6 +43,7 @@ This code is an example of a use-after-free exploit. The way this exploit works \newpage Question 3 (reference monitor without hardware support, 15 pts): +One way to to implement a software reference monitor is to introduce Mandatory Access Control. \newpage @@ -65,4 +56,5 @@ The program also implies that the user running the program is actually the real Question 5 (Multilevel-secure classification, 20 pts): + \end{document} -- cgit v1.2.3