I am currently writing a mail client in C. But I have a question about storing the password.
I just want to store it as long as the program runs.
As a password is a "string" I could store it in a char array, which gets overwritten shortly before the program ends. But this would be relatively insecure.
How can I securely store a password just during the program's runtime?
You're quite right to avoid holding the password in cleartext.
If you have to retain the password (for instance, you need to send it to the server periodically), it's best to keep it in an encrypted form. Which encrypted form is up to you. This makes it harder for someone doing memory profiling on the program to see the password. (Harder, not impossible; if you have to send the password to a server, and someone has physical access to the machine to do memory profiling, all you can do is make it difficult.)
When using it, you'd do this:
Allocate a temporary array
Decrypt to an array
Use the array (for instance, to send the password to the server)
Overwrite the array
Release the array
If you want to be really paranoid, when overwriting the array, do several items in sequence, for instance (this is just an example):
All zeros
All ones
Choose a random byte value
Fill the array with that byte value
Fill again with the value bitshifted once
Fill again with the value bitshifted again
Fill again with the value bitshifted a third time
Fill again with the value bitshifted a fourth time
Fill again with the value bitshifted a fifth time
Fill again with the value bitshifted a sixth time
Fill again with the value bitshifted a seventh time
All ones
All zeros
...as apparently some researchers have been able, on occasion, to retrieve an echo of previous data through forensic analysis of the memory cells in RAM. But I think this falls in the category of paranoia. (But it's cheap to do. ;-) )
Related
I save the data read from a microphone via the *HAL_I2S_Receive_DMA *API using a circular buffer.
I store the received data inside an int16_t data_i2s[SAMPLE_COUNT] array. Using a circular buffer, if I don't move the data to a 'safe' location in time, it will be overwritten every time the buffer size is exceeded.
I think there are two solutions:
Every time the *HAL_I2S_RxCpltCallback *function is triggered, I move/store half of the circular buffer to another array or to memory.
2) I don't move 'data blocks' as in case 1) .. but I move each sample received in real time into another array (actually directly into a SRAM address chosen by me before debugging).
I want to realise this 2nd possibility .. but I don't really know the syntax/command to execute it.
In particular, I previously used a for loop to move each element from an array to the SRAM, but here I don't know how to do it and I think that was an 'end of read' solution, i.e. when you have all the data stored in the array and are no longer receiving
When parsing a file I need to detect whether an item with minimum and maximum occurrence of 1 has been processed already. Later on in validation I need to detect if it was not processed at all.
I can do this inelegantly with a count variable that increments each time but it is cumbersome and inelegant. Perhaps a boolean flag. In general I would use some form of a Sentinel Value, such as NULL for a pointer, or "" for a statically allocated string array. Or memset() zero for many items.
The problem is if the full range of the datatype is potentially valid input it gets very sticky trying to make a Sentinel.
If it is signed and only positive numbers are used, the Sentinel can be any negative number. If the data type is unsigned but values that would use the sign bit are not in use, then a negative number can be used.
If a larger data type can be used to store the value, the added range can be used for the SV. Although this may affect type-compatibility, truncation, promotion.
In an enum I can add an entry, creating an SV.
It gets difficult to keep track of all the ways of showing for each member of a structure whether it was initialized or not.
I almost forgot - an easy and universal way could be to make every variable dynamically allocated and initialized to NULL, even integers. Though a bit strange and slightly wasteful of memory perhaps, this would be highly consistent and would also allow boolean logic of conditional statements to work, eg:
if(age) print("Age is a valid variable with value: %d", *age);
Edit to clarify the question (no changes above):
I am parsing logs from another application (no documentation on the format) The log entries include data structures/objects and the files also have slight spontaneously corrupt entries because another thread occasionally writes to them without synchronizing access.
The structures have members of any base type, eg integer, string, sub-structure, in different quantities, eg 1, 0-1, 1 - N. It gets more complicated if you add the rules on valid combinations and valid sequences.
It might be easiest for me to define everything as an array with an associated counter variable.
I was motivated to ask about this because managing the initialization and checking if a variable has been read in already starts to get overwhelming.
The next stage - input validation - is even more difficult.
The problem is if the full range of the datatype is potentially valid input it gets very sticky trying to make a Sentinel.<
I would say that if that is the situation, there is no way to make a sentinel. You might get lucky if the data type in question has a trap representation (which essentially means that there are some bit patterns that you can store in the data type, but which are not interpretable as a value in the data type), which you could (ab)use.
Other than that, I think you need to resort to some secondary way (variable) to achieve your goal.
As a side note: Sometimes it is practical (but not safe) to reason about what values might be valid, but extremely unlikely input. You might use such a "special" value as a sentinel, but would have to provide some functionality to determine if, when encountering such a "special" value, it truly is a sentinel or a valid input.
Think of an array of doubles: You could use the value of PI to 30 significant digits, if it is highly unlikely that you would ever encounter that number as a valid input, let's say in an accounting software. But you would still need some handler for the sentinel value to determine if it truly is a sentinel, or, indeed, valid but improbable.
I am writing a program in C that reads a file. Each line of the file is a string of characters to which a computation will be done. The result of the computation on a particular string may imply that strings latter on in the file do not need any computations done to them. Also if the reverse of the string comes in alphabetical order before the (current, non-reversed) string then it does not need to be checked.
My question is would it be better to put each string in a linked list and delete each node after finding particular strings don’t need to be checked or using an array and checking the last few characters of a string and if it is alphabetically after the string in the previous element skip it? Either way the list or array only needs to be iterated through once.
Rules of thumb is that if you are dealing with small objects (< 32 bytes), std::vector is better than a linked list for most of general operations.
But for larger objects, (say, 1K bytes), generally you need to consider lists.
There is an article details the comparison you can check , the link is here
http://www.baptiste-wicht.com/2012/11/cpp-benchmark-vector-vs-list/3/
Without further details about what are your needs is a bit difficult to tell you which one would fit more with your requirements.
Arrays are easy to access, specially if you are going to do it in a non sequential way, but they are hard to maintain if you need to perform deletions on it or if you don't have a good approximation of the final number of elements.
Lists are good if you plan to access them sequentially, but terrible if you need to jump between its elements. Also deletion over them can be done in constant time if you are already in the node you want to delete.
I don't quite understand how you plan to access them since you say that either one would be iterated just once, but if that is the case then either structure would give you the similar performance since you are not really taking advantage of their key benefits.
It's really difficult to understand what you are trying to do, but it sounds like you should create an array of records, with each record holding one of your strings and a boolean flag to indicate whether it should be processed.
You set each record's flag to true as you load the array from the file.
You use one pointer to scan the array once, processing only the strings from records whose flags are still true.
For each record processed, you use a second pointer to scan from the first pointer + 1 to the end of the array, identify strings that won't need processing (in light of the current string), and set their flags to false.
-Al.
i have a buffer sized 2000, the data to be inserted is unlimited. I want, data more than 2000 should be added from the end of the buffer, i.e. push all data from right to left and insert new data at the end of the buffer. So, what kind of algorithm or flow i should try on?
You want to use a FIFO, or 'Circular Buffer'. See http://en.wikipedia.org/wiki/Circular_buffer for a complete explanation, or even example code.
Depending on your actual needs, the implementation can be different. If, for example, you always need to access the 2000 items sequentially, you can omit the read pointer (as it is always one item behind the write pointer).
Edit: Queue is something similar. If you are using C++, consider http://www.cplusplus.com/reference/stl/queue/
Lets say I have an array as:
int a[]={4,5,7,10,2,3,6}
when I access an element, such as a[3], what does actually happen behind the scenes?
Why do many algorithm books (such as the Cormen book...) say that it takes a constant time?
(I'm just a noob in low-level programming so I would like to learn more from you guys)
The array, effectively, is known by a memory location (a pointer). Accessing a[3] can be found in constant time, since it's just location_of_a+3*sizeof(int).
In C, you can see this directly. Remember, a[3] is the same as *(a+3) - which is a bit more clear in terms of what it's doing (dereferencing the pointer "3 items" over).
an array of 10 integer variables, with indices 0 through 9, may be stored as 10 words at memory addresses 2000, 2004, 2008, … 2036, so that the element with index i has the address 2000 + 4 × i.
this process take one multiplication and one addition .since these two operation take constant time.so we can say the access can be perform in constant time
Just to be complete, "what structure is accessed in linear time?" A Linked List structure is accessed in linear time. To get the n element you have to travel through n-1 previous elements. You know, like a tape recorder or a VHS cassette, where to go to the end of the tape/VHS you had to wait a long time :-)
An array is more similar to an hard disk: every point is accessible in "constant" time :-)
This is the reason the RAM of a computer is called RAM: Random Access Memory. You can go to any location if you know its address without traversing all the memory before that location.
Some persons told me that HD access isn't really in constant time (where by access I mean "time to position the head and read one sector of the HD"). I have to say that I'm not sure of it. I have googled around and I haven't found anyone speaking of it. I DO know that the time isn't linear, because it is still accessed randomly. In the end, if you think that HD access isn't constant enough for you (but then, what is constant? the access of the RAM? considering Cache, Prefetching, Data Locality and Compiler optimizations?), feel free to consider the sentence as An array is more similar to an USB disk stick: every point is accessible in "constant" time :-)
Because arrays are stored in memory sequentially. So actually, when you access array[3] you are telling the computer, "Get the memory address of the beginning of array, then add 3 to it, then access that spot." Since adding takes constant time, so does array access!
"constant time" really means "time that doesn't depend on the 'problem size'". For the 'problem' "get something out of a container", the 'problem size' is the size of the container.
Accessing an array element takes basically the same amount of time (this is a simplification) regardless of the container size, because a fixed set of steps is used to retrieve the element: its location in memory (this is also a simplification) is calculated, and then the value at that location in memory is retrieved.
A linked list, for example, can't do this, because each link indicates the location of the next one. To find an element you have to work through all the previous ones; on average, you'll work through half the container, so the size of the container obviously matters.
Array is collection of similar types of data. So all the elements will take same amount of memory.Therefore if you know the base address of array and type of data it holds you can easily get element Array[i] in constant time using formula stated below:
int takes 4 bytes in a 32 bit system.
int array[10];
base address=4000;
location of 7th element:4000+7*4.
array[7]=array[4000+7*4];
Hence, its clearly visible you can get ith element in constant time if you know the base address and type of data it holds.
Please visit this link to know more about array data structure.
An array is sequential, meaning that, the next element's address in the array is next to the present one's. So if you want to get 5th element of an array, you calculate the address of 5th element by summing up the base address of the array with 5. This direct address is now directly used to get the element at that address.
You may now further ask the same question here- "How does the computer knows/accesses the calculated address directly?" This is the nature and the principle of computer memory (RAM). If you are further interested in how RAM accesses any address in constant time, you can find it in any computer organization text or you can just google it.
If we know memory location that need to be accessed then this access is in constant time. In case of array the memory location is calculated by using base pointer, index of element and size of element. This involves multiplication and addition operation which takes constant time to execute. Hence element access inside array takes constant time.