Best代写-最专业靠谱代写IT | CS | 留学生作业 | 编程代写Java | Python |C/C++ | PHP | Matlab | Assignment Project Homework代写

C语言代写 | Assignment 4 | Secure Programming 2021

C语言代写 | Assignment 4 | Secure Programming 2021


In this assignment you will fuzz a memory allocation library. You should write a driver program that
exercises the library based on the input it accepts. The program should support one of two behaviours:

• Pseudo-random driver: The program reads a number from stdin, uses this number to initialise a
pseudo-random number generator, which it uses to determine the sequence of operations on the heap.
For this, we provide two functions:

{ void sp seed(uint32 t seed), which takes a seed and initialises a pseudo-random-number gen-

{ uint32 t sp rand(), which returns the next pseudo-random number.

To ensure reproducibility, you may only use our random number generator as a source of randomness.

• A driver for an external fuzzer: The program assumes that an external fuzzer, such as AFL,
produces a sequence of characters, which the program reads from stdin. This sequence of characters
determines the sequence of operations the program performs.

Your driver program should be deterministic, i.e. if it gets the same input, it should perform the same
sequence of operations. The sequence of operations it generates should be correct, and should never fail if
the underlying malloc library is correct.

malloc library:

The file spalloc.c contains an implementation of a malloc library. To facilitate debugging, we renamed the
functions to sp malloc, sp calloc, sp free, and sp realloc. However, with the exception of the bugs we
introduced, the functionality is identical to malloc, calloc, free, and realloc, respectively. The code is
only tested on 64-bit Linux. It is unlikely to work on 32-bit Linux. We do not know what happens on Mac
or on Windows. We also provide the matching header file spalloc.h.

To further assist with debugging, compiling spalloc.c with the ag -DSP FAKE replaces the implemen-
tation with calls to the standard malloc library, providing a known correct implementation.

To build the code, you need to modify the code, by setting the value of the macro STUDENTNUM to your
student number. (Seven digits, without the `a’.)

The code contains three known non-trivial bugs. Your aim is to identify, triage and fix these bugs. To get
marks for any of the bugs, your submitted solution should include an input that causes your test program
to crash. Note that changing STUDENTNUM may change the behaviour of the code. To get marks, the fail
should happen when STUDENTNUM is set to your student number. You will not get any marks for describing
or correcting bugs that you cannot reproduce with your student number and your driver program.


1. Driver software { 40%. Awarded based on both the code and the description of how the driver is built.
2. First bug { 25%.
3. Second bug { 20%.
4. Third bug { 15%.
5. Any additional bug { 5% bonus. There is no bonus for trivial bugs, for bugs related to running out of
memory, for bugs that cannot be reproduced on 64 bit Linux, or for any bug that only appears when
compiling spalloc.c with non-default ags (including the defines mentioned above).

Note that you need to demonstrate reproducible bugs. Hence, when you nd an input that causes a bug
save a copy of the software and inputs used. See the submission instructions for requirements.