16 - Out-of-Bounds Memory References and Buffer Overflow 1...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Out-of-Bounds Memory References and Buffer Overflow
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Out-of-Bounds Memory References 1 /* Implementation of library function gets() */ 2 char *gets(char *s) 3 { 4 int c; 5 char *dest = s; 6 7 *dest++ = c; 8 *dest++ = ’\0’; /* Terminate String */
Background image of page 2
3 Out-of-Bounds Memory References 9 if (c == EOF) 10 return NULL; 11 return s; 12 } 13
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Out-of-Bounds Memory References 14 /* Read input line and write it back */ 15 void echo() 16 { 17 char buf[4]; /* Way too small ! */ 18 gets(buf); 19 puts(buf); 20 }
Background image of page 4
5 Out-of-Bounds Memory References Stack frame for caller Return address Saved %ebp [3] [2] [1] [0] Stack frame for echo %ebp buf
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Out-of-Bounds Memory References Stack frame for caller Return address [7] [6] [5] [4] [3] [2] [1] [0] Stack frame for echo %ebp buf
Background image of page 6
7 Out-of-Bounds Memory References Stack frame for caller [11] [10] [9] [8] [7] [6] [5] [4] [3] [2] [1] [0] Stack frame for echo %ebp buf
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 Malicious Use of Buffer Overflow void bar() { char buf[64]; gets(buf); ... } void foo(){ bar(); ... } return address A Stack after call to gets() B foo stack frame bar stack frame B exploit code pad data written by gets()
Background image of page 8
9 Malicious Use of Buffer Overflow Robert Tappan Morris, (born November 8, 1965), is an professor at MIT. He is best known for creating the Morris Worm in 1988. He is the son of Robert Morris , the former chief scientist at the National Computer Security Center , a division of the National Security Agency (NSA).
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 Malicious Use of Buffer Overflow Input string contains byte representation of executable code
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 30

16 - Out-of-Bounds Memory References and Buffer Overflow 1...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online