Rescue some slides from old private mono repos

20 files changed, 227 insertions, 0 deletions

diff --git a/slides/2018-software-security/sample/._bo-stack.c.swp b/slides/2018-software-security/sample/._bo-stack.c.swp
new file mode 100644
index 0000000..376288d
--- /dev/null
+++ b/slides/2018-software-security/sample/._bo-stack.c.swp
diff --git a/slides/2018-software-security/sample/_bo-heap.c b/slides/2018-software-security/sample/_bo-heap.c
new file mode 100644
index 0000000..a89959c
--- /dev/null
+++ b/slides/2018-software-security/sample/_bo-heap.c
@@ -0,0 +1,19 @@
+void verify_heap()
+{
+  char *buf = malloc(8*sizeof(char));
+  char *verified = malloc(sizeof(int));
+  *verified = 0;
+  gets(buf);
+  /* <verification goes here> */
+  if (*verified) {
+    printf("accept\n");
+  } else {
+    printf("reject\n");
+  }
+}
+
+int main(int argc, char *argv[])
+{
+  verify_heap();
+  return 0;
+}
diff --git a/slides/2018-software-security/sample/_bo-stack.c b/slides/2018-software-security/sample/_bo-stack.c
new file mode 100644
index 0000000..167496e
--- /dev/null
+++ b/slides/2018-software-security/sample/_bo-stack.c
@@ -0,0 +1,21 @@
+#include <stdio.h>
+
+void verify_stack()
+{
+  int verified = 0;
+  char buf[8] = {4,4,4,4,8,8,8,8};
+  gets(buf);
+  /* <verification goes here> */
+  if (verified) {
+    printf("accept\n");
+  } else {
+    printf("reject\n");
+  }
+}
+
+int main(int argc, char *argv[])
+{
+  printf("Lucky number: %d\n", 1337);
+  verify_stack();
+  return 0;
+}
diff --git a/slides/2018-software-security/sample/_stack-frame.c b/slides/2018-software-security/sample/_stack-frame.c
new file mode 100644
index 0000000..32f4fe2
--- /dev/null
+++ b/slides/2018-software-security/sample/_stack-frame.c
@@ -0,0 +1,26 @@
+#include <stdio.h>
+
+int add(int a, int b)
+{
+  int result;
+  result = a+b;
+  return result;
+}
+
+int sub(int a, int b)
+{
+  int result;
+  result = add(a,-b);
+  return result;
+}
+
+int algorithm()
+{
+  printf("result: %d\n", sub(2,1));
+}
+
+int main(int argc, char *argv[])
+{
+  algorithm();
+  return 0;
+}
diff --git a/slides/2018-software-security/sample/assignment-buffer-overflow.c b/slides/2018-software-security/sample/assignment-buffer-overflow.c
new file mode 100644
index 0000000..2fb0d58
--- /dev/null
+++ b/slides/2018-software-security/sample/assignment-buffer-overflow.c
@@ -0,0 +1,15 @@
+#include <stdio.h>
+#include <limits.h>
+#define SECRET UINT_MAX
+
+void gotcha() { printf("Gotcha!\n"); }
+
+int main() {
+  unsigned secret = 0;
+  char buf[8];
+  scanf("%s", buf);
+  if (secret == SECRET) {
+    gotcha();
+  }
+  return 0;
+}
diff --git a/slides/2018-software-security/sample/assignment-integer-overflow.c b/slides/2018-software-security/sample/assignment-integer-overflow.c
new file mode 100644
index 0000000..58c59b1
--- /dev/null
+++ b/slides/2018-software-security/sample/assignment-integer-overflow.c
@@ -0,0 +1,15 @@
+#include <stdio.h>
+
+int get_int() {
+  int v; printf("Enter an integer: ");
+  scanf("%d", &v);
+  return v;
+}
+
+int main() {
+  int a=get_int(), b=get_int(), max=10;
+  if (a+b > max)
+    printf("%d+%d > %d\n", a, b, max);
+  else
+    printf("%d+%d <= %d\n", a, b, max);
+}
diff --git a/slides/2018-software-security/sample/bad-add.c b/slides/2018-software-security/sample/bad-add.c
new file mode 100644
index 0000000..42424de
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-add.c
@@ -0,0 +1,10 @@
+void cat(char *dst, size_t n,
+  char *src1, size_t n1,
+  char *src2, size_t n2)
+{
+  if (n1+n2 <= n) {
+    strncpy(dst, src1, n);
+    strncat(dst, src2, n-n1);
+  }
+}
+...
diff --git a/slides/2018-software-security/sample/bad-call.c b/slides/2018-software-security/sample/bad-call.c
new file mode 100644
index 0000000..9d6d57b
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-call.c
@@ -0,0 +1,10 @@
+void init(char v, char *buf, int n)
+{
+  char *b = buf;
+  while (b < buf+n) {
+    *b++ = val;
+  }
+}
+...
+char *buf = malloc(2);
+init('A', buf, sizeof(buf));
diff --git a/slides/2018-software-security/sample/bad-index.c b/slides/2018-software-security/sample/bad-index.c
new file mode 100644
index 0000000..37d94b3
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-index.c
@@ -0,0 +1,4 @@
+char b[4] = "abc";
+b[3] = 'd';
+printf("b: %s\n", b);
+...
diff --git a/slides/2018-software-security/sample/bad-index2.c b/slides/2018-software-security/sample/bad-index2.c
new file mode 100644
index 0000000..b9f5be6
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-index2.c
@@ -0,0 +1,4 @@
+char b[4] = "abc";
+b[4] = 'd';
+printf("b: %s\n", s);
+...
diff --git a/slides/2018-software-security/sample/bad-printf.c b/slides/2018-software-security/sample/bad-printf.c
new file mode 100644
index 0000000..7026600
--- /dev/null
+++ b/slides/2018-software-security/sample/bad-printf.c
@@ -0,0 +1,4 @@
+char b[4];
+fgets(b, 4, stdin);
+printf(b);
+...
diff --git a/slides/2018-software-security/sample/bo-heap.c b/slides/2018-software-security/sample/bo-heap.c
new file mode 100644
index 0000000..60fd29e
--- /dev/null
+++ b/slides/2018-software-security/sample/bo-heap.c
@@ -0,0 +1,13 @@
+void verify_heap()
+{
+  char *buf = malloc(8*sizeof(char));
+  int *verified = malloc(sizeof(int));
+  *verified = 0;
+  gets(buf);
+  /* <verification goes here> */
+  if (*verified) {
+    printf("accept\n");
+  } else {
+    printf("reject\n");
+  }
+}
diff --git a/slides/2018-software-security/sample/bo-stack.c b/slides/2018-software-security/sample/bo-stack.c
new file mode 100644
index 0000000..f8bcb55
--- /dev/null
+++ b/slides/2018-software-security/sample/bo-stack.c
@@ -0,0 +1,12 @@
+void verify_stack()
+{
+  int verified = 0;
+  char buf[8];
+  gets(buf);
+  /* <verification goes here> */
+  if (verified) {
+    printf("accept\n");
+  } else {
+    printf("reject\n");
+  }
+}
diff --git a/slides/2018-software-security/sample/build b/slides/2018-software-security/sample/build
new file mode 100755
index 0000000..123db54
--- /dev/null
+++ b/slides/2018-software-security/sample/build
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+echo "[Compile] bo-stack"
+gcc -g -O0 -fno-stack-protector -o bo-stack _bo-stack.c &> /dev/null
+
+echo "[Compile] bo-heap"
+gcc -g -O0 -fno-stack-protector -o bo-heap _bo-heap.c &> /dev/null
+
+echo "[Compile] stack-frame"
+gcc -g -O0 -fno-stack-protector -o stack-frame _stack-frame.c
diff --git a/slides/2018-software-security/sample/ldd b/slides/2018-software-security/sample/ldd
new file mode 100644
index 0000000..dc2cc99
--- /dev/null
+++ b/slides/2018-software-security/sample/ldd
@@ -0,0 +1,7 @@
+$ cat main.c
+int main() { return 0; }
+$ gcc main.c
+$ ldd ./a.out
+    linux-vdso.so.1 (0x00007fff3a9e4000)
+    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fa5bfeda000)
+    /lib64/ld-linux-x86-64.so.2 (0x00007fa5c04cd000)
diff --git a/slides/2018-software-security/sample/ldd2 b/slides/2018-software-security/sample/ldd2
new file mode 100644
index 0000000..ff87494
--- /dev/null
+++ b/slides/2018-software-security/sample/ldd2
@@ -0,0 +1,8 @@
+$ ldd ./a.out
+	linux-vdso.so.1 (0x00007ffdda7ce000)
+	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f7f307ba000)
+	/lib64/ld-linux-x86-64.so.2 (0x00007f7f30dad000)
+$ ldd ./a.out
+	linux-vdso.so.1 (0x00007ffe387d4000)
+	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fdd793ef000)
+	/lib64/ld-linux-x86-64.so.2 (0x00007fdd799e2000)
diff --git a/slides/2018-software-security/sample/main.c b/slides/2018-software-security/sample/main.c
new file mode 100644
index 0000000..f8b643a
--- /dev/null
+++ b/slides/2018-software-security/sample/main.c
@@ -0,0 +1,4 @@
+int main()
+{
+  return 0;
+}
diff --git a/slides/2018-software-security/sample/splint b/slides/2018-software-security/sample/splint
new file mode 100644
index 0000000..af8501e
--- /dev/null
+++ b/slides/2018-software-security/sample/splint
@@ -0,0 +1,17 @@
+static-analysis.c: (in function main)
+static-analysis.c:7:9: Possibly null storage buf passed as non-null param:
+                          fgets (buf, ...)
+  A possibly null pointer is passed as a parameter corresponding to a formal
+  parameter with no /*@null@*/ annotation.  If NULL may be used for this
+  parameter, add a /*@null@*/ annotation to the function parameter declaration.
+  (Use -nullpass to inhibit warning)
+   static-analysis.c:6:15: Storage buf may become null
+static-analysis.c:7:3: Return value (type char *) ignored: fgets(buf, 8, stdin)
+  Result returned by function call is not used. If this is intended, can cast
+  result to (void) to eliminate message. (Use -retvalother to inhibit warning)
+static-analysis.c:9:12: Fresh storage buf not released before return
+  A memory leak has been detected. Storage allocated locally is not released
+  before the last reference to it is lost. (Use -mustfreefresh to inhibit
+  warning)
+   static-analysis.c:6:25: Fresh storage buf created
+
diff --git a/slides/2018-software-security/sample/stack-frame.c b/slides/2018-software-security/sample/stack-frame.c
new file mode 100644
index 0000000..b5c962f
--- /dev/null
+++ b/slides/2018-software-security/sample/stack-frame.c
@@ -0,0 +1,18 @@
+int add(int a, int b)
+{
+  int result;
+  result = a+b;
+  return result;
+}
+
+int sub(int a, int b)
+{
+  int result;
+  result = add(a,-b);
+  return result;
+}
+
+int algorithm()
+{
+  printf("result: %d\n", sub(2,1));
+}
diff --git a/slides/2018-software-security/sample/static-analysis.c b/slides/2018-software-security/sample/static-analysis.c
new file mode 100644
index 0000000..3d89478
--- /dev/null
+++ b/slides/2018-software-security/sample/static-analysis.c
@@ -0,0 +1,10 @@
+#include <stdio.h>
+#include <stdlib.h>
+
+int main()
+{
+  char *buf = malloc(8);
+  fgets(buf, 8, stdin);
+  printf("%s\n", buf);
+  return 0;
+}