ABSTRACT
Over the last few months there has been a large increase of buffer overflow vulnerabilities being both discovered and exploited. Examples of these are syslog, splitvt, and Linux/FreeBSD mount, etc. If you want your programs to be secure, you need to know about buffer overflows and how to prevent them, the latest automated tools to counter them and how to counter them in your programs.
This paper attempts to explain what buffer overflows are and how their exploits work. INTRODUCTION: A buffer is simply a contiguous block of computer memory that holds multiple instances of the same data type. C programmers normally associate with the word buffer arrays. Most commonly, character arrays. Arrays, like all variables in C, can be declared either static or dynamic. Static variables are allocated at load time on the data segment. Dynamic variables are allocated at run time on the stack. To overflow is to flow, or fill over the top, brims, or bounds. We will concern ourselves with stack-based buffer overflows. Process Memory Organization ~~~~~~~~~~~~~~~~~~~~~~~~~~~ To understand what stack buffers are we must first understand how a process is organized in memory. Processes are divided into three major regions. They are: Text Data Stack Stack. The text region is fixed by the program and includes code and read-only data. This region corresponds to the text section of the executable file. This region is normally marked read-only and any attempt to write to it will result in a segmentation violation. The data region contains initialized and un-initialized data. Static variables are stored in this region. The data region corresponds to the database sections of the executable file. If the expansion of the base data or the user stack exhausts available memory, the process is blocked and is rescheduled to run again with a larger memory space. New memory is…………….So on ..........(download any of the following links to get complete paper presentation in word document)
No comments:
Post a Comment