buffer_overflow_6_up

buffer_overflow_6_up - CSE 425, Introduction to Computer...

CSE 425, Introduction to Computer Security Chapter 4. Access Control, Smashing the Stack © 2008 by Wayne R. Dyksen. All Rights Reserved. 4-1 Michigan State University Department of Computer Science and Engineering

Security Engineering
Chapter 4. Access Control
4.4.1 Smashing the Stack
by Ross Anderson

Professor Wayne Dyksen
Department of Computer Science and Engineering
Michigan State University
Spring 2008

4.4.1-2
4.4.1 Smashing the Stack
• What’s the stack?
• What’s to “smash”?
• How do you “smash” it?
• AKA
  – Buffer Overflow
  – Stack “Smashed” by Overflowing a Buffer

4.4.1-3
This stuff is…
• …very interesting.
• …lots of fun.
• …very detailed.
• …somewhat confusing.
• …not very hard if you…
  – …don’t panic.
  – …can handle a bit of…
    • …assembler.
    • …hex.
  – stare at it long enough.

4.4.1-4
Creating Executables
Where do executables come from?
[Diagram: Source Code, Compiler / Linker, Executable (File)]

4.4.1-5
Executable (File)
• Header
• Text (Code)
• Data (Static)
  – Constants
  – E.g., Format Strings (“Hello World\n”)
• Information About Static Variables
• Links (Calls) To Other (External) Code
  – Operating System Calls
  – Library Calls
  – E.g., open, read, write
  – External References Must be “Resolved”
• Etc…

4.4.1-6
Creating Processes
Where do processes come from?
[Diagram: Source Code, Compiler / Linker, Executable (File), OS Shell, Process (Running), User (Command), Link-Loader, Dynamic Link Libraries]
Link-loader Loads Libraries Dynamically on Demand
4.4.1-7
Aside: Static Linking
• Executable (File) Includes (Copy of) Code Of All External Links (Code)
  – open, read, write,…
  – CreateWindow, DrawLine,…
  – Etc…
• Pro
  – All Right There
  – No Dependencies At Load Time
• Con
  – Bigger (Huge?) Executable (File)
  – Duplicated Code Everywhere
  – Outdated Code Everywhere
  – Etc…
  (Motivation for Dynamic Linking)
[Diagram: Source Code, Compiler / Linker, Executable (File), OS Shell, User (Command), Process (Running)]

4.4.1-8
Process Memory (~)
• Text (Segment)
  – Program Code
  – Non-OS Linked Code
  (N.B. Don’t Need Any OS Code in Text Segment. Why not?)
• Data (Segment)
  – (Static) Constants
  – Static (Global) Variables
• Heap
  – Dynamic Variables
  – Think malloc or new
  – Managed
    • Manually (e.g., C: malloc & free)
    • Automatically (e.g., Java: new)
• Stack
  – Stack Data Structure
    • LIFO
    • push & pop
  – Used to Implement Function Calls
  – Dynamic Data
    • Local Variables
    • Return Address
    • Frame Pointer
    • Arguments
  – Managed
    • Compiler
    • Hardware

4.4.1-9
Process Memory Illustrated
• Heap
  – Think malloc & new
  – Grows Towards Stack
  – May Have “Holes”
    • Need Garbage Collection (Manual or Automatic)
    • Run Out (Run Into Stack)
• Stack
  – Grows Towards Heap
    • push & pop (Never Has “Holes”)
  – May Overflow
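
The segments listed on the Process Memory slides can be observed from inside a running process. The C program below is an added example, not part of the course slides; its function and variable names are hypothetical, and it assumes GCC or Clang (for the noinline attribute) on a mainstream platform such as Linux on x86-64.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

static int static_counter = 1;  /* initialized static variable: data segment */

/* Record the address of a local one call deeper. noinline (GCC/Clang)
   forces a real second stack frame even when optimizing. */
__attribute__((noinline)) static void deeper_frame(volatile uintptr_t *out) {
    volatile char local = 0;
    *out = (uintptr_t)&local;
}

/* -1 if a callee's frame sits at lower addresses than its caller's
   (the stack grows down), +1 if it grows up. */
int stack_growth_direction(void) {
    volatile char here = 0;
    volatile uintptr_t callee = 0;
    deeper_frame(&callee);
    return callee < (uintptr_t)&here ? -1 : 1;
}

/* 1 if program code (text) and static data both lie below the live
   stack frame, the usual arrangement on the assumed platforms. */
int text_and_data_below_stack(void) {
    volatile char here = 0;
    uintptr_t sp = (uintptr_t)&here;
    return (uintptr_t)&stack_growth_direction < sp &&
           (uintptr_t)&static_counter < sp;
}

int main(void) {
    volatile char local = 0;      /* local variable: stack */
    void *heap = malloc(64);      /* dynamic variable: heap */
    if (heap == NULL)
        return 1;
    printf("text  %p\n", (void *)(uintptr_t)&stack_growth_direction);
    printf("data  %p\n", (void *)&static_counter);
    printf("heap  %p\n", heap);
    printf("stack %p\n", (void *)&local);
    printf("stack grows %s\n",
           stack_growth_direction() < 0 ? "down" : "up");
    printf("text and data below stack: %d\n", text_and_data_below_stack());
    free(heap);
    return 0;
}
```

With address space layout randomization enabled, the printed addresses change from run to run.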