Final exam study guide

Scope

The final exam will be comprehensive. Anything covered in the homework, though the content covered after exam #2 will receive special emphasis.

Rules

Please review the rules in the exam #2 study guide and the course policies.

How to study

1. Review all of the homework assignments and quizzes. Make sure you could do any of them "cold".
2. Make sure you have read the four required readings given this semester (one on gdb, one on buffer overflows, and two on instruction-level program execution).
3. Make sure you understand the example given in the "hint" below.
4. Make sure you can answer any of the questions below (including the ones in the guides for the previous exams).
5. Go through a few valgrind reports and gdb sessions. Make sure you could predict any of the values. Exam and quiz questions earlier in the semester used this style.
6. Refer to the schedule for solutions to past quizzes and exams.
7. Refer to the snippets, notes for a refresher on what was covered in lecture.

Weeks 1 to 11

Please refer to the first two study guides:

• Exam #1 topics
• Exam #2 topics

Weeks 12-16

Most of this is copied verbatim from lists sent by email 12/2/2015 (linked via Blackboard) and 12/9/2015.

Files

1. How can a struct object be stored in a binary file?
2. What do we mean by a "binary file" (as opposed to a "text file")?
3. How are things like tabs and new lines represented in files?
4. What do the following do? How are they useful? fopen(…), fread(…), fwrite(…), fclose(…), fseek(…), ftell(…)
5. What are the three modes for opening files, and how are they different?

Hint: A fun puzzle is to think about what would happen if you read objects in a different order than they were written. You have to think about the bytes in the file and in memory and work through the endian-ness. This example was given in the review session.

Endian-ness

1. Is ecegrid little endian or big endian? ... and what does that mean?
2. How are colors represented in BMP?
3. How is little endian different from big endian?
4. Is the BMP file format little endian or big endian? ... and what does that mean?

Threads and processes

1. What is the relationship between threads and processes?
2. How does pthread_create(…) and pthread_join(…) affect the flow of execution? (Some might find the diagram used in class to be helpful for visualizing this.)
3. What are three options for boosting the performance of a program?
4. What is the most important way to improve performance of a program?
5. How do you compile code that uses the pthread library?
6. What is a process? What does it encompass?

Function addresses

1. What is a function address? What will you find at that memory address? Where else could you find the same bytes?
2. If f is the address of a function, in what segment is the memory f refers to?
3. How can you find information about pthread_create(…) without Google?

Preprocessor

1. What are the three ways to use #define?
2. How do you make a macro that takes arguments?
3. What can you do with a macro that you can't do with a function?
4. What can you do with a function that you can't do with a macro?
5. What are the "two rules" regarding parentheses with preprocessor macros? What can go wrong if they are not followed?

Buffer overflows and instruction-level program execution

This was previously sent by email and also copied into the HW13 assignment page.

• What happens under the hood when we call a function in C?
  
• What is the overall process?
• What happens with the stack?
• What is the role of the registers?
  
• rip – aka $pc, instruction pointer, program counter, IP, PC
  
• rsp - aka $sp, stack pointer
• rbp - aka base pointer, frame pointer
  
• general purpose – e.g., rdi, rsi, rdx, rcx, r8, …, r15
  
• What happens in the prologue and epilogue of a function?
• How are assembly instructions different from C code?
• What kinds of operations do assembly instructions do?
• What do the following categories of instructions do?
• jump, call, return, arithmetic, push, pop, move, arithmetic
• How do buffer overflow/overread attacks work?
• How does an attacker perpetrate an attack?
• simple buffer overflow
• simple buffer overread
• What is the role of a debugger (i.e., gdb)?
• How can you write C code that is resistant to such attacks?
• ... only as these apply to the x64 (aka AMD64, x86-64) architecture

Not in scope

• memorization of the BMP file format
• memorization of the exact order of parameters to the file or thread functions
• bit-wise operators
• static functions
• syntax of any specific assembly language instruction
• size of particular registers
• how to write programs in assembly language
• assembly language directives (.intel_syntax)
• any architecture other than AMD-64 on Linux
  

Other

1. What is the number base of an int?
2. What are some ways of discovering bugs you don't know about yet?
3. If you know your code has a bug but don't know where, what are some strategies for finding it? (See your reference sheet. This was also discussed on 11/17/2015.)
4. What are 6 ways to write the number "ten" in C code (assuming standard C99)?
5. How can you write C code that prints text in color?

---

© Copyright 2015 Purdue University