Merge pull request #26 from uds-se/master

Merge pull request uds-se#160 from mhamami-abuomar/Corrections_to_pro…

deploy/README.md

@@ -1,5 +1,7 @@
 # Run with Docker
 
+**Note: As of April 2023, the `fuzzingbook` images are no longer available from DockerHub. These instructions are still available for documentation purposes only.***
+
 The first step is to download and install [Docker](https://www.docker.com/). Follow the installation procedure recommended at docker.com, or, if you are using Linux, refer to your distribution for information on the installation process.
 
 Once installed, make sure Docker works by typing `docker info` in a shell.

notebooks/Fuzzer.ipynb

@@ -863,12 +863,43 @@
     "     ], \"9 ** 0.5\")"
    ]
   },
+  {
+   "attachments": {},
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": []
+  },
+  {
+   "attachments": {},
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "The chance is actually higher than you may think. If you remove `/` (the root of all files), for instance, your entire file system will be gone. If you remove `.` (the current folder), all the files in the current directory will be gone. \n",
+    "\n",
+    "The probability of generating a string that is exactly 1 character long is 1/101, this is because the length of the string is determined by calling random.randrange(0, max_length + 1), where the default value of max_length is 100. Per the description given of random.randrange, that should return a random number in [0, 99 + 1). So, we end up with the inclusive range [0, 100] where there are 101 values in the interval.\n",
+    "\n",
+    "For `/` or `.` to be produced, you need a string length of 1 (chance: 1 out of 101) and one of these two characters (chance: 2 out of 32)."
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "1/101 * 2/32"
+   ]
+  },
   {
    "attachments": {},
    "cell_type": "markdown",
    "metadata": {},
    "source": [
-    "The chance is actually higher than you may think. If you remove `/` (the root of all files), for instance, your entire file system will be gone. If you remove `~` (your home directory), all your files will be gone. If you remove `.` (the current folder), all the files in the current directory will be gone. For any of these to be produced, you need a string length of 1 (chance: 1 out of 100) and one of these three characters (chance: 3 out of 32), which indeed is a chance of about one in a thousand."
+    "The above code block precludes the possiblity of removing `~` (your home directory), this is because the probability of generating the character '~' is not 1/32; it is 0/32. The characters are created by calling chr(random.randrange(char_start, char_start + char_range)), where the default value of char_start is 32 and the default value of char_range is 32. The documentation for chr reads, \"[r]eturn the string representing a character whose Unicode code point is the integer i.\" The Unicode code point for '~' is 126 and therefore, not in the interval [32, 64). \n",
+    "\n",
+    "If the code were to be changed so that char_range = 95 then the probability of obtaining the character '~' would be 1/94 , thus resulting in the probability of the event of deleting all files being equal to 0.000332\n",
+    "\n",
+    "And all your files in the home directory will be gone"
    ]
   },
   {
@@ -877,14 +908,27 @@
    "metadata": {},
    "outputs": [],
    "source": [
-    "1/100 * 3/32"
+    "3/94 * 1/94 * 99/101"
    ]
   },
   {
+   "attachments": {},
    "cell_type": "markdown",
    "metadata": {},
    "source": [
-    "However, we can actually deal with any string as long as the _second_ character is a space – after all, `rm -fr / WHATEVER` will first deal with `/`, and only then with whatever follows. The chances for the first character are 3 out of 32, for the space 1 out of 32, so we're more at 1 out of 300:"
+    "However, we can actually deal with any string as long as the _second_ character is a space – after all, `rm -fr / WHATEVER` will first deal with `/`, and only then with whatever follows. The chances for the first character are 2 out of 32 as the code block above only allows for the probability of obtaining a `/` or a `.` but not a `~`.\n",
+    "\n",
+    "For the space the probability is 1 out of 32.\n",
+    "\n",
+    "We have to include the term for the probability of obtaining at least 2 characters which is required for the scenario of obtaining a space as the second character. This probability is 99/101 because it is calculated as (1 - probabilty of obtaining a single character or no character at all), so it is equal to 1-(2/101).\n",
+    "\n",
+    "Therefore, the probability calculation for the event of deleting all files in the case of having a space for the second character is:\n",
+    "\n",
+    "[probability of obtaining '/' or '. ' followed by a space] = [the probability of obtaining either the '/' character or the '. ' character] * [the probability of obtaining space] * [Probability of getting at least 2 characters] = 0.001914\n",
+    "\n",
+    "\n",
+    "\n",
+    "Diagram of probability of obtaining at least 2 characters."
    ]
   },
   {
@@ -893,7 +937,7 @@
    "metadata": {},
    "outputs": [],
    "source": [
-    "3/32 * 1/32"
+    "2/32 * 1/32 * 99/101"
    ]
   },
   {