Lecture-Buffer-Memory-OS-3-24-4-5-10

Buffer Overflow Memory Protection
Ratan Guha
CIS 3360, Spring 2010
March 23, 2010

Reading Assignments
Chapter 3: pp 98 – 149
Chapter 4: pp 188 – 204 (end of 4.2)
Chapter 4: pp 204 – 232 (4.3 – 4.5) given on 11/16/09
Note: Some diagrams are taken from the textbook

Overview
Memory usage by program
Buffer Overflow concepts
Memory protection

Index and Base Registers
Some registers have only a 16-bit name for their lower half:
Lecture IA-32 Architecture

Some Specialized Register Uses (1 of 2)
General-Purpose
    EAX – accumulator
    ECX – loop counter
    ESP – stack pointer
    ESI, EDI – index registers
    EBP – extended frame pointer (stack)
Segment
    CS – code segment
    DS – data segment
    SS – stack segment
    ES, FS, GS – additional segments

Assembly Language Program

    INCLUDE Irvine32.inc
    .data
    source  BYTE  "This is the source string",0   ; null-terminated source string
    buffer  BYTE  SIZEOF source DUP(0)            ; zero-filled, same size as source

Data section:
    Source   This is the source string0
    Target   00000000000000000000000000

Copying from source to buffer

    .code
    main PROC
    ; Point ESI to the beginning of the source string:
        mov  esi, OFFSET source
    ; Point EDI to the beginning of the target string:
        mov  edi, OFFSET buffer
        mov  ecx, SIZEOF source+99   ; loop counter
    L1:
        mov  al, [esi]               ; get a character from source
        mov  [edi], al               ; store it in the buffer
        inc  esi                     ; move to next character in source string
        inc  edi                     ; move to next position in the buffer
        loop L1                      ; repeat for entire string
        exit
    main ENDP
    END main

What is wrong with this program?

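
The copy loop on this slide, modelled in C as an added example (not part of the original lecture). It assumes buffer sits immediately after source in the data segment, in declaration order; the 256-byte segment size and the function names are constructed for the illustration. With the counter SIZEOF source+99 the loop writes 99 bytes past the end of buffer, and because the source pointer also runs on into buffer, those bytes are further copies of the string.

```c
#include <stdio.h>
#include <string.h>

#define SRC_LEN 26   /* SIZEOF source: 25 characters plus the terminating 0 */
#define SEG_LEN 256  /* constructed size of the modelled data segment */

/* Modelled data segment: source at offset 0, buffer at offset SRC_LEN,
   the bytes after buffer stand in for whatever else the program stores. */
static unsigned char seg[SEG_LEN];

static void seg_init(void) {
    memset(seg, 0, sizeof seg);
    memcpy(seg, "This is the source string", SRC_LEN);
}

/* Loop L1 from the slide: copy count bytes one at a time (ESI -> EDI).
   Returns the number of bytes written outside the dst_len-byte destination. */
static size_t copy_loop(size_t src, size_t dst, size_t dst_len, size_t count) {
    size_t outside = 0;
    for (size_t i = 0; i < count && dst + i < SEG_LEN; i++) {
        seg[dst + i] = seg[src + i];   /* mov al,[esi] / mov [edi],al */
        if (i >= dst_len)
            outside++;
    }
    return outside;
}

/* Corrected loop: the counter never exceeds the destination size. */
static size_t copy_bounded(size_t src, size_t dst, size_t dst_len, size_t count) {
    return copy_loop(src, dst, dst_len, count < dst_len ? count : dst_len);
}

int main(void) {
    seg_init();
    size_t over = copy_loop(0, SRC_LEN, SRC_LEN, SRC_LEN + 99);
    printf("SIZEOF source+99: %zu bytes written past buffer\n", over);
    printf("bytes after buffer start with: \"%.10s\"\n", (char *)&seg[2 * SRC_LEN]);

    seg_init();
    over = copy_bounded(0, SRC_LEN, SRC_LEN, SRC_LEN + 99);
    printf("bounded counter:  %zu bytes written past buffer\n", over);
    return 0;
}
```
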
Memory Assignment (1)
[Diagram labels: Program; Data segment; Code segment; Stack segment; ESP; EBP; Source; buffer]
Stack grows from high memory to low memory

Memory Assignment (2)
[Diagram labels: Program; Code segment; Data segment; Stack segment; Source; buffer; ESP; EBP]
Initially stack is empty

What Is Wrong With These Functions?