Posts

C Language – Function Arguments Using Pointers

1. Function Arguments in C Programming languages pass function arguments using either Call by Value or Call by Reference. However, in C, function arguments are always passed by Call by Value. In other words, the value passed to a function is a copy, so the function cannot directly access the original variable. For this reason, C achieves a Call by Reference effect by using pointers to pass a variable's address as a value. 1.1. Function Argument Passing Methods Method What is passed Can change original Call by value The variable's value No Call by reference The variable's address Yes 1.1.1. Call by Value Call by Value is a method that passes a copy of the value to the function. Therefore, even if the value is changed inside the function, the original variable is not affected. 1.1.2. Call by Reference Call by Reference is a method that uses a pointer to...

Never Trust, Always Verify. What Is Zero Trust?

1. The Origins of Zero Trust 1.1. What Is Zero Trust Zero Trust is a security model based on the principle of "never trust by default, and always verify every access request". 1.1.1. Never Trust, Always Verify Never trust, always verify Users, devices, and network locations are not trusted by default. Even the internal network is not assumed to be safe. Every access request is always subject to Authentication and Authorization. 1.1.2. Least Privilege Access Principle of Least Privilege Users are granted only the minimum permissions necessary to perform their job. Unnecessary access privileges are not permitted. 1.1.3. Assume Breach Assume Breach Systems are designed on the premise that they may already have been compromised. Systems are designed to prevent the spread of an attack even if one occurs. 1.2. The Background of Zero Trust In 2010, a large-scale cyberattack known as Operation Aurora took place. Overview...

C Language – Understanding Buffer Overflow Attacks and Weaknesses

1. Buffer Overflow 1.1. Security Vulnerabilities 1.1.1. Causes Buffer Overflow is a security vulnerability where data is written beyond the size of a buffer, overwriting adjacent memory. When data is written past the buffer boundary, adjacent memory gets overwritten. 1.1.2. Impact and Risks The program may crash abnormally or produce errors. Critical data may be corrupted, causing unexpected behavior. An attacker may manipulate memory to execute arbitrary code or take control of the system. 1.2. Stack Buffer Overflow Stack Buffer Overflow is a vulnerability in which data is written beyond the size of a buffer allocated in the Stack area, overwriting adjacent memory regions. The main causes are insufficient input length validation and the use of unsafe functions that do not perform bounds checks. #include <stdio.h> #include <string.h> #include <stdlib.h> // Demonstrate stack buffer overflow: // Stac...

C Language – Understanding Pointers

1. C Language Pointers A pointer in C is a variable that stores a memory address. It stores the "location" (address) where data resides. #include <stdio.h> #include <string.h> #include <stdlib.h> int main() { const char *pstr = "Hello World!"; char *ptr = NULL; const size_t len = strlen(pstr); ptr = malloc(len + 1); memset(ptr, 0x00, len + 1); memcpy(ptr, pstr, len); printf("%p[%p] → %s\n", &ptr, ptr, ptr); free(ptr); return 0; } The ptr pointer variable resides in the Stack region. Using malloc, a memory space is allocated in the Heap region, and its address is stored in the Stack region ptr variable. Via memcpy, the "Hello World!" string data is copied into the allocated space in the Heap region. 0x7ffffc12fd50[0x5a14a05396b0] → Hello World! &ptr is the address of the pointer varia...