¾µäC³ÌÐòÇó½â
Problem 1
Read Ken Thompson's article ...
char s[] = {
'\t',
'0',
'\n',
'}',
';",
'\n',
'\n',
'/',
'*',
'\n',
(213 lines deleted)
0
};
/* The string s is a
* representation of the body
* of this program from '0'
* to the end.
*/
main(){
int i;
printf("char\ts{ } = {\n");
for(i=0; s[i]; i++)
printf("\t%d,\n",s[i]);
printf("%s",s);
}
Compile and run this program. You will have to figure out what goes in the 213 deleted lines. If you want, you can leave the comment out of the string s and out of the program. Explain the output. By itself, this program does not pose any sort of security threat. Explain in your own words what this program has to do with Thompson's Trojan Horse attack.
û¿´¶®¡£
printf("%s",s); Ö´ÐÐÕâ¾äµÄʱºò£¬s[1]µÄ'0'Ϊʲôû´ò³öÀ´ÄØ£¿
up
ÕÒµ½ÄǸö'0'ÁË£¬¸Õ²Å¿´´íÐÐÁË¡£
²»¹ý»¹ÊÇû¿´Ã÷°×ľÂíÊÇÔõô»ØÊÂ
mark
ÕÒµ½ÔÎÄÁË£¬ÕâÊÇKen Thompson»ñµÃͼÁé½±µÄÑݽ²µÄÒ»²¿·Ö¡£
Õâ¶Î´úÂëÊÇÒ»¸öÀý×Ó£¬Ëü¿ÉÒÔ²úÉú¾ßÓÐ×ÔÎÒ¸´ÖÆÄÜÁ¦µÄ³ÌÐò¡£
²»¹ý¡¡»¹ÊÇû¿´¶®
Figure 1 shows a s
Ïà¹ØÎÊ´ð£º
ÔÚueÖдÓÔ¶³ÌunixÓöþ½øÖÆ·½Ê½ÏÂÔØcÎļþµ½±¾µØ£¬ÐÞ¸ÄÖ®ºóÓöþ½øÖÆ·½Ê½ÉÏ´«µ½unixÖУ¬ÔÙÓÃvi´ò¿ª¸ÃÎļþ£¬Ã¿ÐкóÃæ¾Í»áÓÐÒ»¸ö^MµÄ»»Ðзû£¬Èç¹û²ÉÓÃascii·½Ê½ÏÂÔØ£¬¶þ½øÖÆ·½Ê½ÉÏ´«µÄ»°¾ÍûÓÐ^M£¬ÄÇÇëÎÊÕâÑù»á¶Ô³ÌÐòÎļþ ......
QQȺ 29152388
ÓÑÇéUP
°ï¶¥
up
°ïup
up Ö§³Ö£¡
up jf
...ÄѵÀÓзÖ..?
up up up
Ï£ÍûÓеüӷ֣¬¹þ¹þ¡£
Ö§³Ö£¬ÎÒ¼ÓÁË£¬Ï£ÍûÂ¥Ö÷ÄܼÓÎÒ£¬¹²Í¬Ñ§Ï°¹þ
¼ÓÁË¡£
¶¥ÉÏ£¬Ã¿ÌìÊÕ»ñÒ»µã£¬Ö§³Ö ......
±àÒëÆÕͨµÄcûÎÊÌâ°¡£¬µ«±àÒëjavahÉú³ÉµÄ¾Í±¨´í£º
gcc -O0 -g3 -Wall -c -fmessage-length=0 -oHelloWorld.o ..\HelloWorld.c
gcc -otest.exe HelloWorld.o
d:/MinGW/bin/../lib/gcc/mingw32/3.4.5/../../. ......
±àд³ÌÐòdetab, ½«ÊäÈëÖеÄÖƱí·ûÌæ»»³ÉÊʵ±ÊýÄ¿µÄ¿Õ¸ñ£¬Ê¹¿Õ¸ñ³äÂúµ½ÏÂÒ»¸öÖƱí·ûÖÕÖ¹µÄµØ·½¡£¼ÙÉèÖƱí·ûÖÕֹλµÄλÖÃÊǹ̶¨µÄ£¬±ÈÈçÿ¸ônÁоͻá³öÏÖÒ»¸öÖƱí·ûÖÕֹλ¡£
£££££££££££££££££££ ......
´ó¼ÒºÃ£¡ÎÒÊÇһλC°®ºÃÕߣ¬Ïò´ó¼ÒÇë½ÌÏ£¬C³ÌÐòÔ±¿ÉºÃÕÒ¹¤×÷£¿¹«Ë¾ÓÃC¸ÉЩʲô£¿
ÎÞËùνºÃ²»ºÃÕÒ¹¤×÷£¬Ò»°ãͨÐÅ¡¢ÏµÍ³¡¢Ç¶Èëʽ¡¢Ó²¼þ·½ÃæÓõĶ࣬¶øÇÒÓÉÓÚCµÄµ×²ãÌØÐÔ£¬Ñ§»áºóÔÚѧÆäËûµÄ»á±È½ÏÈÝÒ×
²»¹ÜÓÃʲôÓï ......
