Tag: security

Questions Related to security

In the following code, which is the location of vulnerability? 

1 String username = req.getParameter("loginID"); 
2 String password = req.getParameter("loginPassword"); 
3 String sql = "SELECT UserID from Employee WHERE Emp_ID = ? AND Password=?"; 
4 pstmt = con.prepareStatement(sql); 
5 pstmt.setString(1,username); 
6 pstmt.setString(2,password); 
7 pstmt.execute(); 
8 user = pstmt.getResultSet(); 
9 if(user!=null)  
10 { 
11  while (user.next()) 
12  { 
13   userInfo.add(user.getString(1)); 
14  }  
15 } 
16 else 
17 { 
18  log.debug(“Invalid Login: Login ID-”+ username+” Password-”+ password); 
19 }
technology security

  1. Line 5

  2. Line 4

  3. Line 18

  4. Line 11

Show answer
Correct Option: C

Identify the line on which the vulnerability exists:

1 public class performSearchAction extends HttpServlet{ 
2 // Servlet for Search Action  
3  public void doPost(HttpServletRequest req, HttpServletResponse res)  
4  { 
5   try 
6   { 
7       ArrayList arrSearch =  Util.performSearchAction(req, res); 
8       req.setAttribute(“SearchResults”,arrSearch); 
9       RequestDispatcher rd = getServletContext().getRequestDispatcher("/SearchResult.jsp"); 
10      rd.forward(req,res); 
11  } catch (Exception e) { 
12               log.debug(“Exception occurred:”+e); 
13               } 
14  } //End of doPost method 
15  public void doGet(HttpServletRequest req, HttpServletResponse res) 
16  { 
17    doPost(req,res); 
18  } //End of doGet method 
19 } //End of Class
technology security

  1. Line # 12

  2. Line # 9

  3. Line # 17

  4. Line # 8

Show answer
Correct Option: C

Give the name of the vulnerability resides in the below code: 

... 
Runtime rt = Runtime.getRuntime(); 
Process proc = rt.exec("cmd.exe /c type "+request.getParameter("path")); //path is an Input Parameter and contains the file name. 
InputStream stdin = proc.getInputStream(); 
InputStreamReader isr = new InputStreamReader(stdin); 
BufferedReader br = new BufferedReader(isr);              
...
technology security

  1. Race Condition

  2. Command Injection

  3. Denial of Service

  4. Cross Site Request Forgery

Show answer
Correct Option: B

Are there any memory issues in the following code? Please assume that variable inputsize has the correct size. 

int add_num_array(int inputsize, int num) {
    int *newnum = malloc (inputsize * sizeof(int));  /* 1 */
    int i;   
    for (i=0; i
technology security

  1. No vulnerabilities are present

  2. Line 1 should only use malloc(inputsize);

  3. Line 2 should be for (i=0; i<=n, i++)

  4. Line 1 should use calloc() instead of malloc()

Show answer
Correct Option: D

What is the vulnerability in this code? 

    char output[20];  
    /*   Assume data is a character array with value %200d asdf   */  
    sprintf(output, data);
technology security

  1. Buffer overflow

  2. Off by one error

  3. Format string vulnerability

  4. No vulnerabilities are present in this code

Show answer
Correct Option: C

What is the vulnerability in this code? 

int main(int argc, char * argv[]) {   
    printf (argv[1]);  
}
technology security

  1. Buffer overflow

  2. Off by one error

  3. Format string vulnerability

  4. No vulnerabilities are present in this code

Show answer
Correct Option: C

What is the possible vulnerability in this code?

    unsigned int total, userinput1, userinput2;  
    userinput1 = receiveInput();  
    userinput2 = receiveInput();  
    total = userinput1 + userinput2;
technology security

  1. Integer overflow

  2. Buffer overflow

  3. Stack overflow

  4. Data type mismatch

Show answer
Correct Option: A

Which Compilation switch will you use to check Buffer Overflows?
technology security

  1. /GS on Visual C++ and -fmudflap -fmudflapth -fmudflapir on GCC

  2. /O in Vc++ and -O2 in GCC

  3. /S in Vc++ and -fcrossjumping in GCC

  4. /S in VC++ and -fno-function-cse in GCC

Show answer
Correct Option: A

What can go wrong in following code? 

#include   
int main(int argc, char *argv[]) {

if(argc != 3) {
        printf("usage: %s [source] [dest]\n", argv[0]);
        exit(1);

    }

    char x;
    FILE *file[2];
    file[0] = fopen(argv[1],"r+");
    file[1] = fopen(argv[2],"w+");
    for(x = 0; x &lt; 2; x++) { 
        if(file[x] == NULL) {
            printf("error opening file.\n");
            exit(1);
        }
    }

    do {
        x = fgetc(file[0]);
        fputc(x,file[1]);
    } while(x != EOF);

     for(x = 0; x &lt; 2; x++)
        fclose(file[x]);
     return 0; 
}
technology security

  1. SQL Injection

  2. Arc Injection

  3. Buffer Overflow

  4. both 2 and 3

Show answer
Correct Option: C

Which compilation switch should be enabled for stack protection? Choose the best and most secure option.
technology security

  1. fstack-protector

  2. fstack-protector-all

  3. fdelete-null-pointer-checks

  4. Both a and b

Show answer
Correct Option: B