Do you think you know enough about security issues in C code? Can you think with the mind of a hacker?
Test your knowledge with our interactive quiz! Check how much you know, share the results, and help your colleagues learn more about secure coding. Simply click on the "start" button. It's fun and easy - so don't wait!
Buffer overflows on the heap cannot be exploited to run arbitrary code.
If a function is vulnerable to a buffer overflow due to large user input being put in a small fixed-size buffer, making the buffer 10 times as large as a “quick fix” will reduce the impact of the vulnerability.
Buffer overflows can be used to alter the state and operation of the vulnerable application in an undetectable way.
If code cannot be executed on the stack (e.g. through the use of the non-execute bit or DEP), attackers cannot run arbitrary code by exploiting a buffer overflow.
Calling free() on the same memory address twice may crash the application, but will not lead to an exploitable buffer overflow.
There is no reliable way to protect against format string vulnerabilities.
Injected shellcode can be reliably identified by intrusion detection software.
Proper use of secure integer libraries eliminates integer overflow vulnerabilities.
Using data execution prevention, address space layout randomization and stack smashing protection at the same time provides complete protection against buffer overflow exploits.
Using strncpy and strncat instead of strcpy and strcat guarantees error-free operation.
Unicode characters may be used to bypass black-list filtering.
In every encoding form, the size of Unicode characters may differ from each other.
The length() of a Unicode string may be different from its size().
Unicode strings cannot be easily printed out on the screen.
Directional control characters such as U+202E may be exploited.
char pwd[37], n[ll+1];
#define ll 13
void s(char *u) {strncpy(n,u,ll-1); printf(n);}
void s(char *u) {strncpy(n,u,11); printf("%s", n);}
void s(char *u) {strncpy(n,u,ll-1); cout