Buffer Overflows
• Occur when data is written beyond the space allocated for it, such as a 10th byte in a 9-byte array
• In a typical exploitable buffer overflow, an attacker's inputs are expected to go into regions of memory allocated for data, but those inputs are instead allowed to overwrite memory holding executable code
• The trick for an attacker is finding buffer overflow opportunities that lead to overwritten memory being executed, and finding the right code to input
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved
How Buffer Overflows Happen
    char sample[10];
    int i;
    for (i = 0; i <= 9; i++)
        sample[i] = 'A';   /* fills the valid indices 0..9 */
    sample[10] = 'B';      /* index 10 is one past the end of the array */
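The slide's write sequence replayed against a modelled memory region, next to a bounds-checked store. This is an added example, not code from the book or the slides; struct region, the store functions, REGION_LEN and the '.' fill byte are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SAMPLE_LEN 10   /* same size as the slide's char sample[10] */
#define REGION_LEN 16   /* constructed: sample plus 6 bytes of neighbouring data */

/* One flat region models adjacent memory so the stray write stays well-defined C: */
/* bytes 0..9 play the role of sample[], bytes 10..15 belong to something else.    */
struct region { unsigned char bytes[REGION_LEN]; };

/* Unchecked store, as on the slide: the index is trusted. */
void store_unchecked(struct region *r, size_t i, unsigned char v) {
    r->bytes[i] = v;            /* i == 10 lands on the neighbour, not in sample */
}

/* Checked store: refuses any index outside 0..SAMPLE_LEN-1. */
int store_checked(struct region *r, size_t i, unsigned char v) {
    if (i >= SAMPLE_LEN)
        return -1;
    r->bytes[i] = v;
    return 0;
}

/* Runs the slide's sequence and returns the first neighbouring byte afterwards. */
unsigned char run_slide_sequence(int checked, int *rejected) {
    struct region r;
    size_t i;
    memset(r.bytes, '.', REGION_LEN);   /* '.' marks untouched bytes */
    *rejected = 0;
    for (i = 0; i <= 9; i++) {
        if (checked) store_checked(&r, i, 'A');
        else store_unchecked(&r, i, 'A');
    }
    if (checked)
        *rejected = (store_checked(&r, 10, 'B') != 0);
    else
        store_unchecked(&r, 10, 'B');
    return r.bytes[SAMPLE_LEN];
}

int main(void) {
    int rej;
    unsigned char n = run_slide_sequence(0, &rej);
    printf("unchecked: neighbour byte = %c\n", n);
    n = run_slide_sequence(1, &rej);
    printf("checked:   neighbour byte = %c, write rejected = %d\n", n, rej);
    return 0;
}
```

In the unchecked run the neighbouring byte ends up holding 'B'; in the checked run it keeps its fill value and the store reports the rejected index.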
Where a Buffer Can Overflow
[Figure: four memory layouts showing where overflowing data can land: (a) affects user's data, (b) affects user's code, (c) affects system data, (d) affects system code]
The Stack
[Figure: a stack holding P3, P2, P1, Prog Ctr and Stack Ptr, with an arrow marking the direction of growth]
The Stack after Procedure Calls
[Figure: the stack after Procedure A calls Procedure B and a call to Procedure C, showing two sets of saved entries: P3, P2, P1, Prog Ctr, Stack Ptr and P2, P1, Prog Ctr, Stack Ptr]