--- a/slides/slides03.tex Tue Oct 07 11:13:40 2014 +0100
+++ b/slides/slides03.tex Tue Oct 07 12:48:07 2014 +0100
@@ -345,13 +345,13 @@
\only<2>{
\begin{textblock}{7}(5,8)
\footnotesize
-\lstinputlisting[language=C,xleftmargin=5mm,numbers=none]{../progs/example1a.s}
+\lstinputlisting[language={[x86masm]Assembler},morekeywords={movl},xleftmargin=5mm,numbers=none]{../progs/example1a.s}
\end{textblock}}
\only<3>{
\begin{textblock}{7}(5,8)
\footnotesize
-\lstinputlisting[language=C,xleftmargin=5mm,numbers=none]{../progs/example1b.s}
+\lstinputlisting[language={[x86masm]Assembler},morekeywords={movl,movw},xleftmargin=5mm,numbers=none]{../progs/example1b.s}
\end{textblock}}
\end{frame}
@@ -499,13 +499,44 @@
\begin{itemize}
\item use safe library functions
-\item stack caneries
+\item stack canaries
\item ensure stack data is not executable (can be defeated)
\item address space randomisation (makes one-size-fits-all more difficult)
\item choice of programming language (one of the selling points of Java)
+\end{itemize}
-\end{itemize}
-
+\only<2>{
+\begin{textblock}{7}(6,1)
+ \begin{bubble}[5cm]
+ \begin{tabular}{cp{2cm}}
+ \begin{tikzpicture}[baseline=40mm,scale=0.8]
+ %\draw[step=1cm] (-3,-1) grid (3,8);
+ \draw[gray!20,fill=gray!20] (-1, 0) rectangle (1,-1);
+ \draw[line width=1mm] (-1,-1.2) -- (-1,7.4);
+ \draw[line width=1mm] ( 1,-1.2) -- ( 1,7.4);
+ \draw (0,-1) node[anchor=south] {\tt main};
+ \draw[line width=1mm] (-1,0) -- (1,0);
+ \draw (0,0) node[anchor=south] {\tt arg$_3$=3};
+ \draw[line width=1mm] (-1,1) -- (1,1);
+ \draw (0,1) node[anchor=south] {\tt arg$_2$=2};
+ \draw[line width=1mm] (-1,2) -- (1,2);
+ \draw (0,2) node[anchor=south] {\tt arg$_1$=1};
+ \draw[line width=1mm] (-1,3) -- (1,3);
+ \draw (0,3.1) node[anchor=south] {\tt ret};
+ \draw[line width=1mm] (-1,4) -- (1,4);
+ \draw (0,4) node[anchor=south] {\small\tt last sp};
+ \draw[line width=1mm] (-1,5) -- (1,5);
+ \draw (0,5) node[anchor=south] {\tt\small\alert{\textbf{random}}};
+ \draw[line width=1mm] (-1,6) -- (1,6);
+ \draw (0,6) node[anchor=south] {\tt buf};
+ \draw[line width=1mm] (-1,7) -- (1,7);
+ \end{tikzpicture} &
+ canary: a random value after the local variables
+ \end{tabular}
+\end{bubble}
+\end{textblock}}
+
+
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%