Underhanded C Contest
Encyclopedia
The Underhanded C Contest was a programming contest to turn out code that is malicious, but passes a rigorous inspection, and looks like an honest mistake. The contest rules define a task, and a malicious component. Entries must perform the task in a malicious manner as defined by the contest, and hide the malice. Contestants are allowed to use C
C (programming language)
C is a general-purpose computer programming language developed between 1969 and 1973 by Dennis Ritchie at the Bell Telephone Laboratories for use with the Unix operating system....

-like compiled languages to make their programs.

The contest is organized by Dr. Scott Craver of the Department of Electrical Engineering at Binghamton University
Binghamton University
Binghamton University, also formally called State University of New York at Binghamton, , is a public research university in the State of New York. The University is one of the four university centers in the State University of New York system...

 (New York State). The prize is a $100 gift certificate to ThinkGeek
ThinkGeek
ThinkGeek is an American online retailer that caters to computer enthusiasts and other "geeky" social groups. Their merchandise includes clothing, electronic and scientific gadgets, unusual computer peripherals, office toys, pet toys, child toys, and caffeinated drinks and candy...

.

2005 Contest

The 2005 contest had the task of image processing, while embedding a watermark. Winning entries from 2005 used uninitialized data structures, reuse of pointers, and an embedding of shellcode
Shellcode
In computer security, a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called "shellcode" because it typically starts a command shell from which the attacker can control the compromised machine. Shellcode is commonly written in...

 in constants.

2006 Contest

The 2006 contest required entries to count word occurrences, but have vastly different runtimes on different platforms. To accomplish the task, entries used fork implementation errors, optimization problems, endian differences and various API implementation differences.

2007 Contest

The 2007 contest required entries to encrypt and decrypt files with a strong, readily available encryption algorithm such that a low percentage (1% - 0.01%) of the encrypted files may be cracked in a reasonably short time. The contest commenced on April 16 and ended on July 4. Entries used misimplementations of RC4, misused API calls, and incorrect function prototypes.

2008 Contest

The 2008 contest required entries to redact a rectangular portion of a PPM image in a way that the portion may be reconstructed. Any method of "blocking out" the rectangle was allowed, as long as the original pixels were removed, and the pixel reconstruction didn't have to be perfect (although the reconstruction's fidelity to the original file would be a factor in judging). The contest began on June 12, and ended on September 30. Entries tended to either xor the region with a retrievable pseudo-random mask or append the masked data to the end of the file format. The two placing programs both used improperly defined macros while the winner, choosing to work with an uncommon text based format, zeroed out pixel values while keeping the number of digits intact.

2009 Contest

The 2009 contest required participants to write a program that sifts through routing directives but redirects a piece of luggage based on some innocuous-looking comment in the space-delimited input data file. The contest began 2009 December 29, and ended on 2010 March 1.

External links

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK