This is the beginning of the web page. For now, the exercises are just listed in an arbitrary format. We soon will have them more structured and in a better format.

Introductory Programming

  1. Build a Robust Long-to-ASCII Conversion Function
    Synopsis: Write an inproved, error-handling version of atol(3)
    File: convert.html
  2. Crash the Standard I/O Library
    Synopsis: Write programs to force 3 C standard I/O library functions to crash
    File: crash.html
  3. Floating Point Imprecision
    Synopsis: Write a program to find the largest number ε for which 1+ε is 1
    File: fp.html
  4. Negative Amortization
    Synopsis: Use amortization to stress the importance of input checking
  5. Arithmetic Issues Using the Quadratic Formula
    Synopsis: Examine various problems when using the quadratic formula naively
  6. Irregularities in Time
    Synopsis: Examine the impact of daylight savings time changes when working with time
    File: time.html
  7. The Monty Hall Problem
    Synopsis: Write a program to solve the Monty Hall problem by simulation
    File: monty.html
  8. Web Input Validation
    Synopsis: Find a web page that does not validate input adequately

Operating Systems

These exercises are all courtesy of Kevin Du, of Syracuse.

  1. Encrypted File System
    Synopsis: Design and implement an encrypted file system for the Minix operating system.
  2. Access Control Lab
    Synosis: Design and implement an access control mechanism for the Minix operating system based on the Role-Based Access Control and Capability concepts

Other laboratories can be found at

Software Engineering

  1. SQL injection Attack/Defend exercise
    Synopsis: Demonstrate an SQL injection attack on an ASP.Netx web application, and fix it.
  2. Role-Based Access Control (RBAC) Exercise
    Synosis: Implement access control policies in the context of a commercial database management system
  3. Visual Basic Security Exercises
    Synosis: Several security exercises about Visual Basic applications, including some coding ones
    URL: VbSecurityExercises.doc
  4. Connection Pool Leak in
    Synosis: Demonstrate, fix denial of service using a connection pool leak
  5. Secure Updateable Views (WITH CHECK OPTION)
    Synosis: Demonstrate, fix two violations of a security policy on an updateable view of a database
  6. Real-World Report Exercises
    Synosis: Report on the impact that nonsecure code can have in a real-world scenario
    URL: realworld.html
  7. Detecting Vulnerabilities in C Code with a Static Analysis Tool
    Synosis: Use a static analysis tool to detect vulnerabilities such as buffer overflows in C code