Week 2 (Functions, Strings, Arrays, PRNs)

Question 1

Which security flaw are arrays in C vulnerable to?

Answer 1

Buffer Overflow since there is the capability to exceed boundary of contiguous memory assigned to the array.

Question 2

What happens if an array is declared with a size N, but is not initialised?

Answer 2

The array is assigned contiguous memory from the heap, and elements are then populated randomly with 0’s or other random values.

Question 3

What happens if an element is added to the array at an index that surpasses the arrays boundaries?

Answer 3

The value is assigned to a memory address outside of the contiguous memory that was assigned to an array.

Question 4

How many bytes does a memory address traditionally accomodate?

Answer 4

1 byte.

Question 5

How do you calculate the memory needed for an array?

Answer 5

You multiple the data type size in bytes by the number of elements in the array. For example, int arr[10] -> 4 *10 = 40 bytes aka 40 memory locations.

Question 6

For a 2D array in C, int arr[2][3], which subscript bracket represents the rows and which represents the columns? How would you access the 2nd element on the bottom row?

Answer 6

[2] -> Row
[3] -> Column

arr[1][1]

Question 7

How is a 2D array stored in memory?

Answer 7

Contiguously by its columns.

Question 8

What are the 5 important string functions?

Answer 8

strlen -> Returns the length
strcpy -> Copies arg 2 to arg 1
strcat -> Concats arg 2 to arg 1
strcmp -> Compares for equality
sprintf -> Places result in buffer

Question 9

Why are Pseudo Random Numbers not truly random?

Answer 9

Because they are generated via an algorithm, thus will eventually repeat.

Question 10

What are the 5 Random Number Distributions?

Answer 10

Uniform -> All values are distributed evenly.
Gaussian -> The bell curve, a result of the central limit theorem.
Poisson -> The distribution of a count.
Bernoulli -> The distribution of 2 mutually exclusive events. E.g tossing a coin.
Gamma -> A distribution of positive values only.

Question 11

Which distribution does the rand( ) function perform?

Answer 11

Uniform -> We know it is algorithmic and not truly random because if we continuously generate rand( ), the output will eventually repeat.

Question 12

What is a way we can try and improve randomness?

Answer 12

Using seeding -> Set a random seed number to operate on the rand( ) output. For example, a seed can be the current time.

Question 13

What does a function definition consist of?

Answer 13

Function header and function body.

Question 14

What are the 4 main aspects of C functions?

Answer 14

• Can’t overload
• All functions are pass-by-value
• Functions that return no value are procedures
• If a function header doesn’t specify a type, it assumes an int is returned.

Question 15

What is the purpose of a functional prototype?

Answer 15

• Improve documentation
• Assists compiler in checking code

Question 16

Why does rand( ) always give the same numbers? How does srand( time(NULL) ) solve this?

Answer 16

rand( ) returns a PRN which is algorithmic and always starts at the same numbers.
srand( ) seeds this with ideally a unique number such as current time or PID.

Question 17

What are 2 good seeds for srand( ) ?

Answer 17

The current PID.
The current time.