{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

cse443-lecture-11-codesecurity

cse443-lecture-11-codesecurity - Program Security CMPSC 443...

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Program Security CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjae ger/cse443-s12/
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Programming Why do we write programs? – Function What functions do we enable via our programs? Often more than the programmer expects Adversaries take advantage of such “hidden” function 2
Background image of page 2
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger A Simple Program int authenticated = 0; char packet[1000]; while (!authenticated) { PacketRead(packet); if (Authenticate(packet)) authenticated = 1; } if (authenticated) ProcessPacket(packet); 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger A Simple Program int authenticated = 0; char packet[1000]; while (!authenticated) { PacketRead(packet); if (Authenticate(packet)) authenticated = 1; } if (authenticated) ProcessPacket(packet); 4 What if packet is larger than 1000 bytes?
Background image of page 4
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Address Space Layout and Assumptions Depends on the layout of a computer process ʼ s memory Note that the stack grows downward Depends on lack of type safety in programming language Can write outside a data structure using its reference Difference between logical model and implementation – Can ʼ t assume everything works according to the logical model 5 Text Data Stack Heap
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Buffer Overflow How it works 6 Local Var Buffer Local Var Return Address Func Parameters Previous Function New Rtn Evil Code Evil Code Evil Code Evil Code Stack Frame
Background image of page 6
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger A Simple Program int authenticated = 0; char packet[1000]; while (!authenticated) { PacketRead(packet); if (Authenticate(packet)) authenticated = 1; } if (authenticated) ProcessPacket(packet); 7 How would you fix this problem? Can we depend on programmers to prevent this problem?
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Page CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Return-to-libc Possible defense: non-executable stack Possible defense: randomize stack base Do we need to run code on the stack?
Background image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}