equal
deleted
inserted
replaced
3 \usepackage{../langs} |
3 \usepackage{../langs} |
4 \usepackage{../graphics} |
4 \usepackage{../graphics} |
5 \usepackage{../data} |
5 \usepackage{../data} |
6 |
6 |
7 \begin{document} |
7 \begin{document} |
8 \fnote{\copyright{} Christian Urban, 2014} |
8 \fnote{\copyright{} Christian Urban, 2014, 2015} |
9 |
9 |
10 \section*{Handout 3 (Buffer Overflow Attacks)} |
10 \section*{Handout 3 (Buffer Overflow Attacks)} |
11 |
11 |
12 By far the most popular attack method on computers are buffer |
12 By far the most popular attack method on computers are buffer |
13 overflow attacks or variations thereof. The first Internet |
13 overflow attacks or variations thereof. The first Internet |
207 buffers onto the stack and initialises them with the given |
207 buffers onto the stack and initialises them with the given |
208 data (Lines 2 to 9). Since there is no real computation going |
208 data (Lines 2 to 9). Since there is no real computation going |
209 on inside \pcode{foo}, the function then just restores the |
209 on inside \pcode{foo}, the function then just restores the |
210 stack to its old state and crucially sets the return address |
210 stack to its old state and crucially sets the return address |
211 where the computation should resume (Line 9 in the code on the |
211 where the computation should resume (Line 9 in the code on the |
212 left-hand side). The instruction \code{ret} then transfers |
212 right-hand side). The instruction \code{ret} then transfers |
213 control back to the function \pcode{main} to the |
213 control back to the function \pcode{main} to the |
214 instruction just after the call to \pcode{foo}, that is Line |
214 instruction just after the call to \pcode{foo}, that is Line |
215 9. |
215 9. |
216 |
216 |
217 Another part of the ``conspiracy'' of buffer overflow attacks |
217 Another part of the ``conspiracy'' of buffer overflow attacks |