A second method is to disable compiler optimization

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: the position of %ebp. +-------------+ | 08 04 86 43 | +-------------+ | | +-------------+ | | +-------------+ | | +-------------+ | | +-------------+ | | +-------------+ | | +-------------+ | | +-------------+ Return Address B. Modify your diagram to show the effect of the call to gets (line 10). C. To what address does the program attempt to return? D. What register(s) have corrupted value(s) when getline returns? E. Besides the potential for buffer overflow, what two other things are wrong with the code for getline? A more pernicious use of buffer overflow is to get a program to perform a function that it would otherwise be unwilling to do. This is one of the most common methods to attack the security of a system over a computer network. Typically, the program is fed with a string that contains the byte encoding of some executable code, called the exploit code, plus some extra bytes that overwrite the return pointer with a pointer to the code in the buffer. The effect of executing the ret instruction is then to jump to the exploit code. In one form of attack, the exploit code then uses a system call to start up a shell program, providing the attacker with a range of operating system funct...
View Full Document

This note was uploaded on 09/02/2010 for the course ELECTRICAL 360 taught by Professor Schultz during the Spring '10 term at BYU.

Ask a homework question - tutors are online