Question

A program is written to compute the sum of the integers from 1 to 10. The programmer, well trained in reusability and maintainability, writes the program so that it computes the sum of the numbers from k to n. However, a team of security specialists scrutinizes the code. The team certifies that this program properly sets k to 1 and n to 10; therefore, the program is certified as being properly restricted in that it always operates on precisely the range 1 to 10. List different ways that this program can be sabotaged so that during execution it computes a different sum, for example, 3 to 20.

Answer 1

See explanation section

Step-by-step explanation:

See the program at the end of this solution

The program can be sabotaged if the source file is altered before running the program.

Take for instance,

Someone changes

for(int i =k;i<=n;i++)

to

for(int i =3;i<=20;i++)

This implies that no matter the user input, the program will only calculate the sum of 3 to 20

It is also possible that the program is altered by an external process.

Take for instance;

n = 10

k = 1

And the sum has been calculated for the range of k = 1 to 5.

Then the program is altered by an external process.

15 (sum of 1 to 5) will be displayed instead of 55 (sum of 1 to 10)

Program written in C++

#include<iostream>

using namespace std;

int main() {

int k.n,total=0;

cin>>k;

cin>>n;

//Assume k will always be less than n

for(int i =k;i<=n;i++) {

total+=i;

}

System.out.print(total);

return 0;

}