Defensive Programming 1
In this assignment you implement the super secure string stack machine called s5 in the programming language C.
Submission tag: d1
Deadline: Fr 11.12.2020 23:59
Organizational
- You can achieve 100 regular points, which equals 25% of the overall grade.
- You can earn 20 additional bonus points (if you are already positive), which equals 5% of the overall grade
- You lose -3 points for each of the following issues (even if not exploitable)
- Program crash
- Memory corruption, memory leak, use after free, double free, use of uninitialized memory or other stuff reported by valgrind, address sanitizer, scan-build & co.
- Format string vulnerability, integer overflow
- You lose -3 points for each of the following issues
- Undefined behavior, e.g.
(void*)x + 1 - Non-portable, hidden assumptions, e.g.
sizeof(int) == 4 - Hard-to-read or dangerous code, e.g.
#define FUNC(x) x=x*x - Use of global variables. They are not needed for this library.
- Compiler warnings, e.g.
printf("%u", (long long int)x)
- Undefined behavior, e.g.
Specification
The s5 machine is a simple stack machine with a minimal instruction set that can operate on strings. It has a stack of strings used for performing certain string operations. This is done by the so-called String Operation Unit (SOU). Furthermore, s5 has a data memory for keeping intermediate results.
Below is a graphical representation of the s5 machine. The commands for the s5 machine are provided via a simple input text file in ASCII format. After termination, the s5 machine outputs an ASCII file containing all stack slots as well as data memory slots.
You can find the detailed specification under lib_s5/api/s5.h
Functions
The s5 machine supports various functions which you shall implement. The detailed specification for each function can be found in lib_s5/api/s5.h
Depending on the number of test cases you pass on our test system, you can get points as follows. Please note that many functions do have dependencies which need to be fulfilled in order to get points. For example, the Cmd Store depends on Set Memory for performing the actual store operation.
| ID | Function Name | Points | Dependencies |
|---|---|---|---|
| A | Init | 0 | – |
| B | Delete | 0 | A |
| C | Pop / Push | 0 | A B |
| D | Store / Load | 0 | A B |
| E | Set Memory | 0 | A B |
| F | Get Memory /Size | 0 | A B C E |
| G | Get Stack / Pos | 0 | A B C E |
| H | Cmd Store / Cmd Load | 4 / 4 | A B E |
| I | Cmd Drop | 4 | A B C G |
| J | Cmd Dup | 4 | A B C G |
| K | Cmd Over | 4 | A B C |
| L | Cmd Reverse | 12 | A B C |
| M | Cmd Insert | 12 | A B C |
| N | Cmd Slice | 12 | A B C |
| O | Cmd Split | 12 | A B C |
| P | Cmd Replace | 12 | A B C |
| Q | File Parsing | 20 | All |
Bonus: Code Coverage
For getting coverage bonus points, we encourage you to write your own exhaustive test cases. Note that you can reuse many test cases for also testing the Defensive 2 assignment.
Branch coverage can be tested with
make testmake gcov
Depending on the metric called branch coverage, you can earn the following bonus points:
| Overall branch coverage | Bonus points |
|---|---|
| 75% <= cov < 80% | 4 (1%) |
| 80% <= cov < 85% | 8 (2%) |
| 85% <= cov < 90% | 12 (3%) |
| 90% <= cov < 95% | 16 (4%) |
| 95% <= cov | 20 (5%) |
Defensive Programming 2
In this assignment you implement the super secure string stack machine called s5 in the programming language Rust. The specification is exactly the same as for defensive programming 1. You can also reuse parts of your tests written for C to test your Rust implementation.
Submission tag: d2
Deadline: Fr 18.12.2020 23:59
Organizational
- You can achieve 84 regular points, which equals 21% of the overall grade.
- You lose -3 points for each occurrence of the following issues (even if not exploitable)
- Integer overflow
- Use of
unsafeRust code snippets
Points
| ID | Function Name | Points | Dependencies |
|---|---|---|---|
| A | Init | 0 | – |
| B | Delete | 0 | A |
| C | Pop / Push | 0 | A B |
| D | Store / Load | 0 | A B |
| E | Set Memory | 0 | A B |
| F | Get Memory /Size | 0 | A B C E |
| G | Get Stack / Pos | 0 | A B C E |
| H | Cmd Store / Cmd Load | 4 / 4 | A B E |
| I | Cmd Drop | 4 | A B C G |
| J | Cmd Dup | 4 | A B C G |
| K | Cmd Over | 4 | A B C |
| L | Cmd Reverse | 6 | A B C |
| M | Cmd Insert | 6 | A B C |
| N | Cmd Slice | 6 | A B C |
| O | Cmd Split | 6 | A B C |
| P | Cmd Replace | 6 | A B C |
| Q | File Parsing | 34 | All |
Defensive 1+2: Oral Exam
-
You have to defend your points during the oral exam at the end of the semester, which is mandatory.
-
During the oral exam, you have to explain:
-
Source code: How does your implementation work? Why did you implement it in this particular way? …
-
Issues (if any): What is the problem? What can/cannot happen? Which mitigation technique would prevent exploitation?
-
Mitigation (if any): Fix smaller issues in the source code
- General: Explain defensive programming principles
-