help3007

It's UWAweek 47

help3007

This forum is provided to promote discussion amongst students enrolled in CITS3007 Secure Coding. If posting a question, it's suggested you check first whether your question is answered in the unit Frequently Asked Questions (FAQ) list, and use the search box (on the right) to see if an answer to your question has already been posted.

Please consider offering answers and suggestions to help other students! And if you fix a problem by following a suggestion here, it would be great if other interested students could see a short "Great, fixed it!" followup message.

Note that any posts must comply with the UWA Code of Conduct and the UWA Academic Conduct Policy. That means you should (a) treat everyone with respect and courtesy, and (b) not post your solutions to an assessment that's in progress.

If asking a programming question, it's recommended you read How do I ask a good question? If reporting or troubleshooting a bug in software used in the unit, it's recommend you read How to report bugs effectively.

Displaying selected article

Showing 1 of 170 articles.
Currently 30 other people reading this forum.

UWA week 21 (1st semester, week 12) ↓

project Couple Questions (all 4)

4:53pm Mon 20th May, Arran S.

Hi Spencer,

"Spencer Kinder" [email protected] wrote:

Hi I just have a couple questions for the project/submission,

First, is the project submission section the sandbox we can use? And will we be able to take multiple "attempts" at submitting because it looks like a test format and I want to be sure before I use it.

I'll enable the test sandbox shortly. But really, you shouldn't rely on it, and it won't help you much. The project spec and the labs make it clear that part of the work of the project is for students to make use of sanitizers, static analysis, and testing (at a variety of levels of optimization). The testing area will not enable these for you – students should have already completed labs on all these topics, and be able to put the ideas into practice themselves. However, if you're completely stumped for testing ideas, then the test sandbox might provide some inspiration as to some (minimal) tests you could implement.

Another question is about the preconditions, as far as I can tell the user will need to ensure that the preconditions are met and we (the designer) don't need to check them. However it seems that the we need to meet the precondition that "cipher_text must point to a buffer of identical length to plain_text" as there is no way for a user to supply this. My question is then do we need to check the other preconditions?

In general, regarding preconditions: you'll have to interpret this for yourself, I'm afraid. Preconditions were discussed in lectures, and it's now up to you to correctly apply what was covered.

Regarding the cipher_text: I'm not clear why you think a user (I assume you mean "a caller of the functions") has "no way to supply this". Why wouldn't they?

Also just a small thing about the include for the crypto.h file, when submitting do we use include <crypto.h> instead of "crypto.h"?

From recollection, the spec says <crypto.h>, but in this case, Moodle will accept either.

I hope that helps — let me know if you need any clarification.

cheers,

Arran

help3007 articles all ANNOUNCEMENTS recent articles login to post a new article tagged articles (144 / 199) the unit in general (6) software security in the news (1) lectures (5) labs (22) project (78) final exam (17) tests and quizzes (9) trivia (3) the C language (3) help3007 topics from today and yesterday from the past week from the past two weeks ALL topics, most recent first	login chapter0 unitinfo research projects csforum csse-feedback csbreakdown cssubmit csmarks 2nd semester help fora Algebra Advanced Algorithms Cloud Computing High Performance Computing Intelligent Agents Professional Computing Relational Database Management Systems Systems Programming