cse443-lecture-11-codesecurity - Program Security CMPSC 443...

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Program Security CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjae ger/cse443-s12/
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Programming • Why do we write programs? – Function • What functions do we enable via our programs? – Often more than the programmer expects – Adversaries take advantage of such “hidden” function 2
Background image of page 2
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger A Simple Program int authenticated = 0; char packet[1000]; while (!authenticated) { PacketRead(packet); if (Authenticate(packet)) authenticated = 1; } if (authenticated) ProcessPacket(packet); 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger A Simple Program int authenticated = 0; char packet[1000]; while (!authenticated) { PacketRead(packet); if (Authenticate(packet)) authenticated = 1; } if (authenticated) ProcessPacket(packet); 4 What if packet is larger than 1000 bytes?
Background image of page 4
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Address Space Layout and Assumptions • Depends on the layout of a computer process ʼ s memory – Note that the stack grows downward • Depends on lack of type safety in programming language – Can write outside a data structure using its reference • Difference between logical model and implementation – Can ʼ t assume everything works according to the logical model 5 Text Data Stack Heap
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Buffer Overflow • How it works 6 Local Var Buffer Local Var Return Address Func Parameters Previous Function New Rtn Evil Code Evil Code Evil Code Evil Code Stack Frame
Background image of page 6
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger A Simple Program int authenticated = 0; char packet[1000]; while (!authenticated) { PacketRead(packet); if (Authenticate(packet)) authenticated = 1; } if (authenticated) ProcessPacket(packet); 7 How would you fix this problem? Can we depend on programmers to prevent this problem?
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Return-to-libc • Possible defense: non-executable stack • Possible defense: randomize stack base • Do we need to run code on the stack? 8
Background image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/11/2012 for the course CSE 443 taught by Professor Trentjaeger during the Spring '11 term at Pennsylvania State University, University Park.

Page1 / 26

cse443-lecture-11-codesecurity - Program Security CMPSC 443...

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online