This is the summary of the eighth chapter of the course Structuur van Computerprogramma's II. It includes all relevant information from the slides as well as information from my own notes.
Chapter 5b: Execution Model
1 Recall: Programs in Memory
• C programs can manipulate memory directly
o Advantages: efficiency
o Disadvantages: easy to violate data abstractions
2 Memory Errors
• Since C provides arbitrary access to memory, it can suffer from different types of memory errors:
o dynamic memory errors (cf. chapter 3b):
▪ dangling pointer, invalid free, null pointer accesses
o array bounds errors:
▪ buffer overflows (copying data into a buffer without doing bounds checking can corrupt the content of adjacent memory locations)
o out-of-memory errors:
▪ stack exhaustion (a program runs out of stack space due to e.g. too deep recursion)
Those errors may be simple programming oversights, but they can cause security vulnerabilities, as they can be used by attackers for malicious ends.
• Unrestricted manual memory management is unsafe.
3 Memory Safety
4 Stack Overflows
4.1 Buffer Overflows
Putting m bytes into a buffer of size n: if m > n, the surrounding memory is corrupted.
• Still one of the most common vulnerabilities exploited
• Affects any function that copies input to memory without doing bounds checking
o Stack overflows
o Heap overflows
• Easy fix: check size of data before/when writing
• Nowadays, modern OSs include provisions to avoid buffer overflow exploits:
o randomizing the layout of memory
o leaving space between buffers
o looking for actions that write into “canaries” (values placed between buffer and control area on the stack)
4.2 Stack Overflows
• First documented as a security threat in 1972
• First documented exploitation in 1988, used by the Morris worm to propagate over the Internet
• Became widely known in 1996 through the influential article “Smashing the stack for fun and profit” by Elias Levy (known as Aleph One)
• Since then, popularly used by Internet worms like Code Red (2001), SQL Slammer (2003) and Conficker (2008)
4.2.1 Stack Overflow Exploits
• Overwriting a local variable that is located near the vulnerable buffer on the stack.
• Overwriting the return address in a stack frame to point back into the stack, somewhere before the attack code.
• Overwriting a function pointer.
• Overwriting a local variable or pointer of a different stack frame (which will be used by the function which owns the frame later).
• Local variables are put close together on the stack.
o If a write goes beyond the size of one variable, it can corrupt another one.
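As an added example (not from the slides or these notes), the stack-frame picture from 4.1 and 4.2.1 modelled in C: the "easy fix" of checking the size before writing, and a guard word placed between the buffer and the control data the way a stack canary is, checked before the control data is trusted. The struct, CANARY_VALUE and the function names are assumptions for this demo; the frame is a plain struct, not a real stack frame.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Frame layout modelled on the stack: buffer, then a guard word (the "canary"), then control data. */
#define BUF_CAP 16
#define CANARY_VALUE 0xA5C3E7F1u /* placeholder; a real OS picks the canary at random */
struct frame {
    char buf[BUF_CAP];   /* receives copied input: n = BUF_CAP bytes */
    uint32_t canary;     /* guard word between buffer and control data */
    uint32_t ret_marker; /* stands in for the saved return address */
};

void frame_init(struct frame *f, uint32_t ret_marker) {
    memset(f->buf, 0, sizeof f->buf);
    f->canary = CANARY_VALUE;
    f->ret_marker = ret_marker;
}

/* The "easy fix": check the size before writing. 0 = copied, -1 = m bytes plus
 * terminator would not fit in n, so nothing is written. */
int frame_copy_checked(struct frame *f, const char *src) {
    size_t m = strlen(src);
    if (m >= sizeof f->buf)
        return -1; /* refuse instead of corrupting canary and ret_marker */
    memcpy(f->buf, src, m + 1);
    return 0;
}

/* The check a stack protector runs before returning: 1 = intact, 0 = overwritten. */
int frame_canary_intact(const struct frame *f) {
    return f->canary == CANARY_VALUE;
}

/* Models an unchecked copy of m bytes into the buffer; the write covers the struct
 * as a whole (never past it), so the demo stays within defined behaviour. */
int frame_simulate_unchecked_copy(struct frame *f, size_t m) {
    if (m > sizeof *f)
        m = sizeof *f;
    memset(f, 'A', m);             /* constructed filler bytes */
    return frame_canary_intact(f); /* 0 once m > n: the canary took the hit */
}

int main(void) {
    struct frame f;
    frame_init(&f, 0x1234u);
    printf("checked copy of 20 bytes -> %d\n", frame_copy_checked(&f, "01234567890123456789"));
    printf("canary intact after 20 unchecked bytes -> %d\n", frame_simulate_unchecked_copy(&f, 20));
    return 0;
}
```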