diff -r 6764a249118a -r 97ab057cbd2e slides/slides03.tex
--- a/slides/slides03.tex Fri Oct 07 12:29:30 2016 +0100
+++ b/slides/slides03.tex Sat Oct 08 13:54:14 2016 +0100
@@ -337,6 +337,115 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\tikzset{alt/.code args={<#1>#2#3#4}{%
+ \alt<#1>{\pgfkeysalso{#2}}{\pgfkeysalso{#3}} % \pgfkeysalso doesn't change the path
+}}
+
+\begin{frame}[t]
+\frametitle{Buffer Overflow Attacks}
+
+\begin{itemize}
+\item the problem arises from the way C/C++ organises its function calls\\[-8mm]\mbox{}
+\end{itemize}
+
+\begin{center}
+\begin{tikzpicture}[scale=1]
+%\draw[black!10,step=2mm] (0,0) grid (9,4);
+%\draw[black!10,thick,step=10mm] (0,0) grid (9,4);
+
+\node at (0.5,4.5) {\small\begin{tabular}{l}main\\[-2mm] prog.\end{tabular}};
+\draw[line width=0mm, white, alt=<2->{fill=red}{fill=blue}] (0,2.5) rectangle (1,3.8);
+\draw[line width=0mm, white, alt=<9->{fill=red}{fill=blue}] (0,0.2) rectangle (1,0.5);
+\draw[line width=1mm, alt=<3->{fill=yellow}{fill=blue}] (0,2.0) rectangle (1,2.5);
+\draw[line width=1mm, alt=<6->{fill=red}{fill=blue}] (0,1.0) rectangle (1,2.0);
+\draw[line width=1mm, alt=<7->{fill=yellow}{fill=blue}] (0,0.5) rectangle (1,1.0);
+\draw[line width=1mm] (0,0) -- (0,4);
+\draw[line width=1mm] (1,0) -- (1,4);
+
+\node at (3.5,3.5) {\small\begin{tabular}{l}fact(n)\end{tabular}};
+\draw[line width=1mm, alt=<{4-5,8}>{fill=red}{fill=blue}] (3,1.0) rectangle (4,3.0);
+
+\onslide<3-4>{\draw[->, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {n=4} (3,3);}
+\onslide<5>{\draw[<-, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {res=24} (3,1);}
+
+\onslide<7-8>{\draw[->, line width=1mm,red] (1,0.8) to node [above,sloped,midway] {n=3} (3,3);}
+\onslide<9>{\draw[<-, line width=1mm,red] (1,0.8) to node [above,sloped,midway] {res=6} (3,1);}
+
+
+\node at (7.75,3.9) {\small\begin{tabular}{l}stack\end{tabular}};
+\draw[line width=1mm] (7,3.5) -- (7,0.5) -- (8.5,0.5) -- (8.5,3.5);
+
+\onslide<3,4,7,8>{
+\node at (7.75, 1.4) {ret};
+\draw[line width=1mm] (7,1.1) -- (8.5,1.1);
+\node at (7.75, 2.0) {sp};
+\draw[line width=1mm] (7,2.3) -- (8.5,2.3);
+}
+\onslide<3,4>{
+\node at (7.75, 0.8) {4};
+\draw[line width=1mm] (7,1.7) -- (8.5,1.7);
+}
+\onslide<7,8>{
+\node at (7.75, 0.8) {3};
+\draw[line width=1mm] (7,1.7) -- (8.5,1.7);
+}
+
+
+\end{tikzpicture}
+\end{center}
+
+\end{frame}
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[t]
+
+\begin{center}
+\begin{tikzpicture}[scale=1]
+%\draw[black!10,step=2mm] (0,0) grid (9,4);
+%\draw[black!10,thick,step=10mm] (0,0) grid (9,4);
+
+\node at (0.5,4.5) {\small\begin{tabular}{l}main\\[-2mm] prog.\end{tabular}};
+\draw[line width=0mm, white, alt=<2->{fill=red}{fill=blue}] (0,2.5) rectangle (1,3.8);
+\draw[line width=1mm, white, fill=blue] (0,1.0) rectangle (1,2.0);
+\draw[line width=1mm, alt=<3->{fill=yellow}{fill=blue}] (0,2.0) rectangle (1,2.5);
+\draw[line width=1mm] (0,0) -- (0,4);
+\draw[line width=1mm] (1,0) -- (1,4);
+
+\node at (3.5,3.5) {\small\begin{tabular}{l}fact(n)\end{tabular}};
+\draw[line width=0mm, alt=<{4-}>{red, fill=red}{blue, fill=blue}] (3,2.8) rectangle (4,3.0);
+\draw[line width=0mm, alt=<{5-}>{red, fill=red}{blue, fill=blue}] (3,2.8) rectangle (4,2.0);
+\draw[line width=0mm, alt=<{7-}>{red, fill=red}{blue, fill=blue}] (3,2.0) rectangle (4,1.0);
+\draw[line width=1mm] (3,1.0) rectangle (4,3.0);
+
+\onslide<3->{\draw[->, line width=1mm,red] (1,2.3) to node [above,sloped,midway] {n=4} (3,3);}
+\onslide<5->{\draw[<-, line width=2mm,red] (4,2) to node [above,sloped,midway]
+{\begin{tabular}{l}user\\[-1mm] input\end{tabular}} (6,2);}
+\onslide<8->{\draw[<-, line width=1mm,red] (1,-2) to (3,1);}
+
+\node at (7.75,3.9) {\small\begin{tabular}{l}stack\end{tabular}};
+\draw[line width=1mm] (7,3.5) -- (7,-0.1) -- (8.5,-0.1) -- (8.5,3.5);
+
+\onslide<3->{
+\node at (7.75, 0.2) {4};
+\draw[line width=1mm,alt=<6->{fill=red}{fill=white}] (7,0.5) rectangle (8.5,1.1);
+\node at (7.75, 0.8) {\alt<6->{@a\#}{ret}};
+\draw[line width=1mm,alt=<6->{fill=red}{fill=white}] (7,1.1) rectangle (8.5,1.7);
+\node at (7.75, 1.4) {\alt<6->{!?w;}sp};
+}
+
+\onslide<4->{
+\draw[line width=1mm,fill=red] (7,1.7) rectangle (8.5,3.0);
+\node[white] at (7.75, 2.4) {buffer};
+}
+
+\end{tikzpicture}
+\end{center}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
 \frametitle{C-Library Functions}
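Review bot: In the second frame's stack drawing, `\node at (7.75, 1.4) {\alt<6->{!?w;}sp};` gives `\alt` only one braced argument, so Beamer takes the single token `s` as the alternative text and typesets `p` on every overlay. From overlay 6 on, the overwritten slot would therefore read `!?w;p` instead of `!?w;`, which blurs the point that the saved value has been fully replaced by attacker-controlled bytes. The `ret` node directly above it uses the two-argument form correctly (`\alt<6->{@a\#}{ret}`), so the fix is `\node at (7.75, 1.4) {\alt<6->{!?w;}{sp}};`. Separately, the key pattern `alt/.code args={<#1>#2#3#4}` declares a fourth argument that the body never uses; `<#1>#2#3` would state the intent, assuming no use of the key passes trailing text.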