Question 1
Which of the following is NOT a question to ask about what you are assuming about each library function's actions?
- What assumptions does the library function make?
- What information does the library function obtain from the environment and servers?
- Who wrote the library function?
- Does the library function do what the manual says?
Question 2
Assuming p is a pointer variable, why is the statement "p = malloc(-128);" poor programming?
- This will allocate a very large amount of space.
- Allocating a negative amount of space frees that many bytes, so "free(p);" should be used instead.
- It is invalid and will give a compile-time error.
- You can't allocate negative amounts of space.
Question 3
Which of the following is NOT a question about what users or remote servers will be supplying that is relevant to secure programming?
- What certifications does the user or remote server have?
- What am I assuming about the environment?
- What happens if what the user or server supplies is bogus?
- How can I check what the user or server is supplying for validity?
Question 4
Which of the following should you AVOID whenever possible?
- Passing pointers through a parameter list
- Passing signed integers through a parameter list
- Checking that arguments passed through an interface are valid
- Passing unsigned integers through a parameter list
Question 5
Which of the following is NOT a language used to state specifications for formal methods?
Question 6
Which principle of secure design does stepwise refinement follow?
- Principle of least common mechanism, because the modules do not share information
- Principle of fail-safe defaults, because if one module fails, the rest can compensate for the failure.
- Principle of economy of mechanism, as each module performs one task
- Principle of open design, as you can publish the details of the refinement
Question 7
When you write a secure program, the goals must be __________.
- stated clearly and unambiguously
- written in clear English
- attainable regardless of the system on which the program is written
- specified in a mathematical or logical language