Heya guys! I am back with another article, following my previous article on secure coding. This time we are not going to go into any theoretical stuff. Some months ago, I wrote a program in Python for my students so that they could practice basic BODMAS questions. The purpose was that the program should generate a random set of questions (the number of questions to be entered by the user) and then check whether the entered answer is correct or not. Now, obviously it was quite easy for me to code. But the thing was, I had to ensure that 5/2 = 2.5 is as correct as 2.500. So, I couldn't just go and match two strings. I had to come up with a different solution. Just to have fun and see if any of my students or volunteers could come up with a vulnerability in the program, I specifically wrote a weak program. Now, I have modified the program to make it easier for you all to identify the mistakes and the vulnerabilities in it.
Now, here is what I want you to do:
- Don’t look at the code. Just compile it, run it and see if you can figure out the vulnerabilities in the code.
- If you can't figure out the vulnerabilities in step 1, or even if you did, go and take a look at the program code and try to figure out what you missed!
Once you are done, please comment on what you think the vulnerabilities in the code are and how you would correct them!
Here we go!!
3 6 -1
Program for the small basic python Challenge
===========================================
Welcome. This is a 3 question math quiz
Your answer should be correct to three decimal places.
What is 1 + 2? Correct!
What is 2 * 3? Correct!
What is 3 - 4? Correct!
Your score was 3/3
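One way to meet the requirement described above (2.5 and 2.500 must both count as the answer to 5/2, to three decimal places) without comparing strings, as an added example that is not the author's program. All function names are assumptions; the typed answer is parsed as a number with `decimal.Decimal`, and anything that is not a plain finite number is marked wrong.

```python
from decimal import Decimal, InvalidOperation, ROUND_HALF_UP
from fractions import Fraction
import operator

# Assumed helper names; the original program's code is not shown on the page.
OPS = {"+": operator.add, "-": operator.sub, "*": operator.mul, "/": Fraction}
PLACES = Decimal("0.001")  # "correct to three decimal places"


def expected_value(a, op, b):
    """Exact result of `a op b` for integer operands (division stays exact)."""
    return Fraction(OPS[op](a, b))


def parse_answer(text):
    """Return the typed answer as a finite Decimal, or None if it is not a number."""
    try:
        value = Decimal(text.strip())
    except InvalidOperation:
        return None
    return value if value.is_finite() else None  # rejects "nan" and "inf"


def is_correct(expected, text):
    """Compare typed answer and exact result after rounding both to three places."""
    value = parse_answer(text)
    if value is None:
        return False
    target = Decimal(expected.numerator) / Decimal(expected.denominator)
    try:
        return (value.quantize(PLACES, rounding=ROUND_HALF_UP)
                == target.quantize(PLACES, rounding=ROUND_HALF_UP))
    except InvalidOperation:  # e.g. "1e100": too many digits at three places
        return False


def score_quiz(questions, answers):
    """Count correct answers; questions are (a, op, b) tuples, answers are strings."""
    return sum(is_correct(expected_value(*q), ans)
               for q, ans in zip(questions, answers))


if __name__ == "__main__":
    # The three questions and typed answers from the sample run on the page.
    quiz = [(1, "+", 2), (2, "*", 3), (3, "-", 4)]
    print("Your score was %d/%d" % (score_quiz(quiz, ["3", "6", "-1"]), len(quiz)))
    # Constructed inputs: equivalent spellings pass, non-numbers and wrong values fail.
    for typed in ["2.5", "2.500", "2.51", "abc", "nan", "1e100"]:
        print(repr(typed), is_correct(expected_value(5, "/", 2), typed))
```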
Please write comments if you find anything incorrect, or you want to share more information about the topic discussed above!!
About the author:
Vishwesh Shrimali is an undergraduate Mechanical Engineering student at BITS Pilani. He fulfils about all the requirements not taught in his branch: white hat hacker, network security operator, and ex-competitive programmer. As a firm believer in the power of Python, the majority of his work has been in that language. Whenever he gets some time apart from programming, attending classes and watching CSI Cyber, he goes for a long walk and plays guitar in silence. His motto of life is "Enjoy your life, 'cause it's worth enjoying!"