Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to Write a.c File 15-213: Introduction to Computer Systems Recitation 6, Oct 1, 2012 Alexander Malyshev (amalyshe) Section A, 10:30a – 11:20p, WeH.

PublishChristopher West Modified over 9 years ago

Similar presentations

Presentation on theme: "How to Write a.c File 15-213: Introduction to Computer Systems Recitation 6, Oct 1, 2012 Alexander Malyshev (amalyshe) Section A, 10:30a – 11:20p, WeH."— Presentation transcript:

1 How to Write a.c File 15-213: Introduction to Computer Systems Recitation 6, Oct 1, 2012 Alexander Malyshev (amalyshe) Section A, 10:30a – 11:20p, WeH 4623

2 Agenda Buffer overflow Writing a C program Makefiles Revision Control

3 Buffer Overflow We have an IA32 stack frame with an array on it and nothing else and we call gets(buf) – char buf[8]; Does anything bad happen when we type in: – “1234567”

4 Buffer Overflow We have an IA32 stack frame with an array on it and nothing else and we call gets(buf) – char buf[8]; Does anything bad happen when we type in: – “1234567”// nothing bad happens – “12345678912”

5 Buffer Overflow We have an IA32 stack frame with an array on it and nothing else and we call gets(buf) – char buf[8]; Does anything bad happen when we type in: – “1234567”// nothing bad happens – “12345678912”// we overwrite the old ebp with // 0x00323139 – “123456789123456”

6 Buffer Overflow We have an IA32 stack frame with an array on it and nothing else and we call gets(buf) – char buf[8]; Does anything bad happen when we type in: – “1234567”// nothing bad happens – “12345678912”// we overwrite the old ebp with // 0x00323139 – “123456789123456”// old ebp = 0x33323139 // return address = 0x00363534

7 Buffer Overflow True/False A buffer overflow attack can only be executed on programs that use the gets() function

8 Buffer Overflow True/False A buffer overflow attack can only be executed on programs that use the gets() function – False, you don’t need gets() to write past the length of a buffer

9 Buffer Overflow True/False A buffer overflow attack can only be executed on programs that use the gets() function – False, you don’t need gets() to write past the length of a buffer Buffer overflow attacks all occur on the stack

10 Buffer Overflow True/False A buffer overflow attack can only be executed on programs that use the gets() function – False, you don’t need gets() to write past the length of a buffer Buffer overflow attacks all occur on the stack – False, a buffer can be allocated on the heap and someone can just as easily write past the end of it, but they won’t be attacking the return address directly anymore

11 Agenda Buffer overflow Writing a C program Makefiles Revision Control

12 Writing Code from Scratch We want to write a C program that takes the length and width of a rectangle, and prints its area The length will be specified by the “-x” flag, and the width will be specified by the “-y” flag ./area -x 5 -y 7 Any bad arguments for -x and -y should cause the program to print 0

13 Writing Code from Scratch $ cat area.c int main(int argc, char **argv) { int x, y; // “somehow” get arguments into x and y printf(“Area: %d\n”, x * y); return 0; }

14 Writing Code from Scratch We could iterate through argv and do a strcmp with “-x” and “-y” to find our integers but that can quickly get messy – Doesn’t scale well for many arguments Use the getopt() function instead

15 Writing Code from Scratch getopt() takes argc, and argv and a format string, and then returns the type of the current argument and moves the value of the current argument into a global variable named “optarg” Uses less code, and can handle all sorts of complicated arguments

16 Agenda Buffer overflow Writing a C program Makefiles Revision Control

17 Makefiles A way of building multiple source files into an executable Old, crufty, and the syntax isn’t pretty We don’t recommend writing one from scratch, most people just copy existing ones they find online – You’ll get one for cachelab and all subsequent labs

18 Makefiles You might want to modify the starter Makefile for future labs – Such as moving some of your code into separate.c files Should know how to modify/add make rules If you don’t remember what all the weird variables are ($?, $@, etc), Google is your friend – Don’t bother memorizing them

19 Makefiles CC = gcc CFLAGS = -Wall –Wextra –g all: helloworld helloworld: helloworld.o # this HAS to be a hard tab, using spaces will not work $(CC) $(CFLAGS) $(LDFLAGS) –o helloworld helloworld.o helloworld.o: $(CC) $(CFLAGS) -c helloworld.c clean: rm –f helloworld helloworld.o.PHONY: clean

20 Makefiles CC = gcc CFLAGS = -Wall –Wextra –g all: helloworld helloworld: helloworld.o # this HAS to be a hard tab, using spaces will not work $(CC) $(CFLAGS) $(LDFLAGS) –o $@ $^ helloworld.o: $(CC) $(CFLAGS) -c $< clean: rm –f helloworld helloworld.o.PHONY: clean

21 Makefiles CC = gcc CFLAGS = -Wall –Wextra –g all: helloworld helloworld: helloworld.o # this HAS to be a hard tab, using spaces will not work $(CC) $(CFLAGS) $(LDFLAGS) –o $@ $^ %.o: %.c $(CC) $(CFLAGS) –c $< clean: rm –f helloworld *.o.PHONY: clean

22 Agenda Buffer overflow Writing a C program Makefiles Revision Control

23 A set of tools to help keep track of multiple versions of a project – Most commonly used to manage source code Want to keep history of your changes – Who changed what and when This will be super useful when you work with more than one person (proxylab)

24 Revision Control Many programs exist for this purpose – CVS, Subversion (svn), darcs, git We recommend that you use git – Shout out to stuco 98-174

25 git http://git-scm.com/book is your best resource for learning git http://git-scm.com/book – Extremely helpful, and the initial chapters get you started very quickly You’ll really only need a few commands when working by yourself – git {init, add, commit, log, status} – If you are willing, read up on branching, it will be super useful for malloclab

26 Summary Buffer overflow Writing a small C program from scratch Makefiles and their quirks Revision Control (aka. Please use git)

Download ppt "How to Write a.c File 15-213: Introduction to Computer Systems Recitation 6, Oct 1, 2012 Alexander Malyshev (amalyshe) Section A, 10:30a – 11:20p, WeH."

Similar presentations

Makefile Ansuman Banerjee Arijit Bishnu Debapriyo Majumdar Data and File Structures Lab M.Tech. Computer Science 1 st Year, Semester I Indian Statistical.

Makefile Ansuman Banerjee Arijit Bishnu Debapriyo Majumdar Data and File Structures Lab M.Tech. Computer Science 1 st Year, Semester I Indian Statistical.
Module R2 CS450. Next Week R1 is due next Friday ▫Bring manuals in a binder - make sure to have a cover page with group number, module, and date. You.

Module R2 CS450. Next Week R1 is due next Friday ▫Bring manuals in a binder - make sure to have a cover page with group number, module, and date. You.
The University of Adelaide, School of Computer Science

The University of Adelaide, School of Computer Science
CSc 352 Programming Hygiene Saumya Debray Dept. of Computer Science The University of Arizona, Tucson

CSc 352 Programming Hygiene Saumya Debray Dept. of Computer Science The University of Arizona, Tucson
Chapter 7 Process Environment Chien-Chung Shen CIS, UD

Chapter 7 Process Environment Chien-Chung Shen CIS, UD
Review: Software Security David Brumley Carnegie Mellon University.

Review: Software Security David Brumley Carnegie Mellon University.
SPL – Practical Session 2 Topics: – Makefile – C++ Memory Management – Pointers.

SPL – Practical Session 2 Topics: – Makefile – C++ Memory Management – Pointers.
Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.

Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.
Stack buffer overflow http://en.wikipedia.org/wiki/Stack_buffer_overflow.

Stack buffer overflow
Inline Assembly Section 1: Recitation 7. In the early days of computing, most programs were written in assembly code. –Unmanageable because No type checking,

Inline Assembly Section 1: Recitation 7. In the early days of computing, most programs were written in assembly code. –Unmanageable because No type checking,
Memory Image of Running Programs Executable file on disk, running program in memory, activation record, C-style and Pascal-style parameter passing.

Memory Image of Running Programs Executable file on disk, running program in memory, activation record, C-style and Pascal-style parameter passing.
Using subversion COMP 2400 Prof. Chris GauthierDickey.

Using subversion COMP 2400 Prof. Chris GauthierDickey.
1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.

1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.
Computer Security Buffer Overflow lab Eu-Jin Goh.

Computer Security Buffer Overflow lab Eu-Jin Goh.
Carnegie Mellon 1 Debugging and Version control 15-213 / 18-213: Introduction to Computer Systems 12 th Recitation, Nov. 14, 2011 Slides by: Lin Xiao(lxiao)

Carnegie Mellon 1 Debugging and Version control / : Introduction to Computer Systems 12 th Recitation, Nov. 14, 2011 Slides by: Lin Xiao(lxiao)
University of Washington CSE 351 : The Hardware/Software Interface Section 5 Structs as parameters, buffer overflows, and lab 3.

University of Washington CSE 351 : The Hardware/Software Interface Section 5 Structs as parameters, buffer overflows, and lab 3.
University of Calgary – CPSC 441. C PROGRAM  Collection of functions  One function “main()” is called by the operating system as the starting function.

University of Calgary – CPSC 441. C PROGRAM  Collection of functions  One function “main()” is called by the operating system as the starting function.
CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.
Assembly, Stacks, and Registers Kevin C. Su 9/26/2011.

Assembly, Stacks, and Registers Kevin C. Su 9/26/2011.
Chapter 6 Buffer Overflow. Buffer Overflow occurs when the program overwrites data outside the bounds of allocated memory It was one of the first exploited.

Chapter 6 Buffer Overflow. Buffer Overflow occurs when the program overwrites data outside the bounds of allocated memory It was one of the first exploited.

Similar presentations

Ads by Google