| [ | Home | ] |
| [ | Schedule | ] |
| [ | Research | ] |
| [ | Classes | ] |
Understanding Buffer Overflows
The top level skills in the above genetic decomposition are assumed by the time we get to this unit of the class. (We will cover security analysis in this case by various examples. The other skills are expected upon entrance to the class).
Exercises
- gdb skills - a short sequence of exercises that teach basics like tracing, stepping, etc. and memory inspection. These should be sufficient to allow the student to use gdb to explore how programs are compiled and laid out in memory.
- With knowledge of gdb and basic compilation concepts, the student will do an exercise in which he or she diagrams where code, heap, and data segments are located with a few function addresses also requested.
- Extend the previous exercise to include a stack frame diagram. The student's view of the memory image of a process should be mostly complete now.
- With the understanding of memory layout and examples from class of buffer overflows, the student can now find, exploit, and possibly patch a hole in a given program.