Final exam study guide
The final exam will be comprehensive. Anything covered in the homework may appear, though the content covered after exam #2 will receive special emphasis.
How to study
- Review all of the homework assignments and quizzes. Make sure you could do any of them "cold".
- Make sure you have read the four required readings given this semester (one on gdb, one on buffer overflows, and two on instruction-level program execution).
- Make sure you understand the example given in the "hint" below.
- Make sure you can answer any of the questions below (including the ones in the guides for the previous exams).
- Go through a few valgrind reports and gdb sessions. Make sure you could predict any of the values. Exam and quiz questions earlier in the semester used this style.
- Refer to the schedule for solutions to past quizzes and exams.
- Refer to the snippets and notes for a refresher on what was covered in lecture.
Weeks 1 to 11
Please refer to the first two study guides:
Most of this is copied verbatim from lists sent by email 12/2/2015 (linked via Blackboard) and 12/9/2015.
- How can a struct object be stored in a binary file?
- What do we mean by a "binary file" (as opposed to a "text file")?
- How are things like tabs and new lines represented in files?
- What do the following do? How are they useful? fopen(…), fread(…), fwrite(…), fclose(…), fseek(…), ftell(…)
- What are the three modes for opening files, and how are they different?
Hint: A fun puzzle is to think about what would happen if you read objects in a different order than they were written. You have to think about the bytes in the file and in memory and work through the endian-ness. This example was given in the review session.
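An added worked example of the puzzle in the hint (it is not the example given in the review session and not course code): it writes a 32-bit value followed by a 16-bit value with fwrite(…), then reads the same bytes back as a 16-bit value followed by a 32-bit value. The struct, function names, and sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed example: names and values below are illustrative only. */
struct readback {
    int ok;               /* 1 if every file operation succeeded */
    unsigned char raw[6]; /* the six bytes exactly as stored in the file */
    uint16_t r16;         /* first value read back (bytes that belonged to w32) */
    uint32_t r32;         /* second value read back (straddles w32 and w16) */
};

/* Returns 1 on a little-endian host (such as x86-64), 0 on big-endian. */
int host_is_little_endian(void) {
    uint16_t probe = 1;
    return *(unsigned char *)&probe == 1;
}

/* Writes w32 then w16, then reads the same bytes back as 16-bit then 32-bit. */
struct readback swapped_read(uint32_t w32, uint16_t w16) {
    struct readback r = {0};
    FILE *fp = tmpfile();            /* opened in binary update mode ("wb+") */
    if (fp == NULL) return r;
    r.ok = fwrite(&w32, sizeof w32, 1, fp) == 1
        && fwrite(&w16, sizeof w16, 1, fp) == 1
        && fseek(fp, 0, SEEK_SET) == 0
        && fread(r.raw, 1, sizeof r.raw, fp) == sizeof r.raw
        && fseek(fp, 0, SEEK_SET) == 0
        && fread(&r.r16, sizeof r.r16, 1, fp) == 1
        && fread(&r.r32, sizeof r.r32, 1, fp) == 1;
    fclose(fp);
    return r;
}

int main(void) {
    struct readback r = swapped_read(0x11223344u, 0xAABBu);
    if (!r.ok) { perror("file I/O"); return 1; }
    printf("host: %s endian\nfile bytes:", host_is_little_endian() ? "little" : "big");
    for (size_t i = 0; i < sizeof r.raw; i++) printf(" %02X", r.raw[i]);
    printf("\nread as uint16_t: 0x%04X\nread as uint32_t: 0x%08X\n",
           (unsigned)r.r16, (unsigned)r.r32);
    return 0;
}
```

On a little-endian host the file holds 44 33 22 11 BB AA, so the reads yield 0x3344 and 0xAABB1122; neither value matches anything that was written.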
- Is ecegrid little endian or big endian? ... and what does that mean?
- How are colors represented in BMP?
- How is little endian different from big endian?
- Is the BMP file format little endian or big endian? ... and what does that mean?
Threads and processes
- What is the relationship between threads and processes?
- How do pthread_create(…) and pthread_join(…) affect the flow of execution? (Some might find the diagram used in class to be helpful for visualizing this.)
- What are three options for boosting the performance of a program?
- What is the most important way to improve performance of a program?
- How do you compile code that uses the pthread library?
- What is a process? What does it encompass?
- What is a function address? What will you find at that memory address? Where else could you find the same bytes?
- If f is the address of a function, in what segment is the memory f refers to?
- How can you find information about pthread_create(…) without Google?
- What are the three ways to use #define?
- How do you make a macro that takes arguments?
- What can you do with a macro that you can't do with a function?
- What can you do with a function that you can't do with a macro?
- What are the "two rules" regarding parentheses with preprocessor macros? What can go wrong if they are not followed?
Buffer overflows and instruction-level program execution
This was previously sent by email and also copied into the HW13 assignment page.
- What happens under the hood when we call a function in
- What is the overall process?
- What happens with the stack?
- What is the role of the registers?
- rip - aka $pc, instruction pointer, program counter
- rsp - aka $sp, stack pointer
- rbp - aka base pointer, frame pointer
- general purpose - e.g., rdi, rsi, rdx, rcx, r8, …
- What happens in the prologue and epilogue of a function?
- How are assembly instructions different from C code?
- What kinds of operations do assembly instructions do?
- What do the following categories of instructions do?
- jump, call, return, arithmetic, push, pop, move
- How do buffer overflow/overread attacks work?
- How does an attacker perpetrate an attack?
- simple buffer overflow
- simple buffer overread
- What is the role of a debugger (i.e., gdb)?
- How can you write C code that is resistant to such attacks?
- ... only as these apply to the x64 (aka AMD64, x86-64) architecture
Not in scope
- memorization of the BMP file format
- memorization of the exact order of parameters to the file or thread functions
- bit-wise operators
- static functions
- syntax of any specific assembly language instruction
- size of particular registers
- how to write programs in assembly language
- assembly language directives (.intel_syntax)
- any architecture other than AMD-64 on Linux
- What is the number base of an int?
- What are some ways of discovering bugs you don't know about yet?
- If you know your code has a bug but don't know where, what are some strategies for finding it? (See your reference sheet. This was also discussed on 11/17/2015.)
- What are 6 ways to write the number "ten" in C code (assuming standard C99)?
- How can you write C code that prints text in color?