These equations indicated an overhead of 80 to 84

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: : In this problem, you will mount a buffer overflow attack on your own program. As stated earlier, we do not condone using this or any other form of attack to gain unauthorized access to a system, but by doing this exercise, you will learn a lot about machine-level programming. Download the file bufbomb.c from the CS:APP website and compile it to create an executable program. In bufbomb.c, you will find the following functions: 1 int getbuf() 3.16. SUMMARY 2 3 4 5 6 7 8 9 10 11 12 13 14 199 { char buf[12]; getxs(buf); return 1; } void test() { int val; printf("Type Hex string:"); val = getbuf(); printf("getbuf returned 0x%x\n", val); } The function getxs (also in bufbomb.c) is similar to the library gets, except that it reads characters encoded as pairs of hex digits. For example, to give it a string “0123,” the user would type in the string “30 31 32 33.” The function ignores blank characters. Recall that decimal digit Ü has ASCII representation 0x3Ü. A typical executi...
View Full Document

This note was uploaded on 09/02/2010 for the course ELECTRICAL 360 taught by Professor Schultz during the Spring '10 term at BYU.

Ask a homework question - tutors are online