The Underhanded C Contest

underhanded-c.org

122 points by ccabraldev a day ago · 12 comments

BiraIgnacio 21 hours ago

> The contest was initially inspired by Daniel Horn’s Obfuscated V contest in the fall of 2004 (note: the original page is long gone, and this link goes to a snapshot from archive.org). The object of that contest was to write a simple program to count votes, that somehow miscounts the votes on election day. I was greatly impressed to see how even a short program to simply count characters in a text file can be made to fail, and fail only on one specific day, so that the bug isn't noticed in testing.

https://underhanded-c.org/_page_id_7.html

  • tpoacher 13 hours ago

    My favourite entry was the "leaky redaction" one, which created a "redacted" version of an image in the text-based ppm image format, but in such a manner that most of the redacted information could be restored directly from the file.

    The trick was to redact by converting characters to zeroes, as opposed to words. So "8" would become "0", but "256" would become "000" rather than "0". In a black and white text document, distinguishing between "0" and "000" effectively faithfully recreates the original document! But even in color pictures, it was very interesting to see how much information is still retained going from 256 bits per channel down to just 3.

    The method was underhanded in that the code at that section was written in a seemingly very sensible manner, enough to convince an astute auditor that this was an honest and defensible bug.
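The width leak described in the comment above, as an added example that is not part of the thread or of the contest entry: a per-character redaction beside a per-token one, plus an audit check a reviewer could run over redacted text-PPM pixel data. The function names and the sample pixel row are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>

/* Leaky form: each digit character becomes '0', so a sample keeps its
   original width ("8" -> "0", "255" -> "000"). */
void redact_per_char(const char *in, char *out) {
    size_t i;
    for (i = 0; in[i]; i++)
        out[i] = isdigit((unsigned char)in[i]) ? '0' : in[i];
    out[i] = '\0';
}

/* Hardened form: each numeric token becomes exactly one "0". */
void redact_per_token(const char *in, char *out) {
    size_t i = 0, o = 0;
    while (in[i]) {
        if (isdigit((unsigned char)in[i])) {
            out[o++] = '0';
            while (isdigit((unsigned char)in[i])) i++;
        } else {
            out[o++] = in[i++];
        }
    }
    out[o] = '\0';
}

/* Audit check: count all-zero tokens wider than one character.
   A nonzero result means sample widths survived the redaction. */
int count_width_leaks(const char *s) {
    int leaks = 0;
    size_t i = 0;
    while (s[i]) {
        size_t len = 0, zeros = 0;
        while (isdigit((unsigned char)s[i])) {
            zeros += (s[i] == '0');
            len++; i++;
        }
        if (len > 1 && zeros == len) leaks++;
        if (len == 0) i++;
    }
    return leaks;
}

int main(void) {
    const char *row = "255 255 255 8 0 12 255 255 255"; /* constructed pixel row */
    char a[64], b[64];
    redact_per_char(row, a);
    redact_per_token(row, b);
    printf("%s leaks=%d\n%s leaks=%d\n", a, count_width_leaks(a), b, count_width_leaks(b));
    return 0;
}
```

Both routines are meant for the pixel samples only; the `P3` header line and dimensions are assumed to be handled separately.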

  • silisili 20 hours ago

    The original page actually loads fine, maybe was restored later?

    I looked through a few trying not to read the short description and missed a lot of simple things, really makes you think...

    https://graphics.stanford.edu/~danielh/vote/vote.html

AmazingEveryDay a day ago

(2015). RIP.

pseudohadamard 18 hours ago

Interesting that the case they were using was the Nuclear Threat Initiative and FP uncertainties, I've audited some, ah, nuclear-physics-related code that had an issue due to FP uncertainties...
