Presentation is loading. Please wait.

Presentation is loading. Please wait.

Buffer Overflow Maddikayala, jagadish. CSCI 5931 Web Security Prof. T. Andrew Yang Monday Feb. 23.

Published byGladys Nash Modified over 9 years ago

Similar presentations

Presentation on theme: "Buffer Overflow Maddikayala, jagadish. CSCI 5931 Web Security Prof. T. Andrew Yang Monday Feb. 23."— Presentation transcript:

1 Buffer Overflow Maddikayala, jagadish. CSCI 5931 Web Security Prof. T. Andrew Yang Monday Feb. 23

2 CSCI 5931 Web Security What is Buffer Overflow? A buffer is a contiguous allocated chunk of memory, such as an array or a pointer in C Buffer overflow occurs when a program or process tries to store more data in a buffer than it was intended to hold Buffer overflows are exploited to change the flow of a program in execution Buffer overflows are by far the most commonly exploited bug on the linux/unix Operating systems

3 CSCI 5931 Web Security Process Memory Organization env, argv strings env, argv pointers stack heap.bss.data.text High addess Low address Heap int main(){ Char *var = malloc(3); … } var points to an address which is in the heap.bss char global; int main(){ …. } int main(){ static int var; … } global and var will be in.bss.data char global = ‘a’; int main(){ … } int main(){ static char var = ‘a’; … } global and var will be in.data

4 CSCI 5931 Web Security Buffer Organization Storage of xyz buffer. Buffer “xyz” in memory Two consecutive buffers, xyz and abcde. \0zyx zyx e dcba Unused byte 1 word = 4 bytes

5 CSCI 5931 Web Security Examples char a[5]="yang"; char b[9]="security"; strcpy(b, "maddikayala"); printf("%s\n", a); Initial stack organization After the overflow \0 gnay ytir uces gnay ala yaki ddam a b a b

6 CSCI 5931 Web Security Examples char a[4]="tom"; char b[8]="michael"; strcpy(b, "maddikayala"); printf("%s\n", a); Initial stack organization After the overflow \0mot lae hcim ala yaki ddam a b a overwritten b This is the kind of vulnerability used in buffer overflow exploits

7 CSCI 5931 Web Security Buffer Overflow Countermeasures Write secure code Non-executable Buffers Advanced debugging tools – Fault injection tools – Static analysis tools – StackShield and StackGuard Compilers – offer warnings on the use of unsafe constructs such as gets (), strcpy () – generate the code with built-in safeguards to prevent the use of illegal addresses

8 CSCI 5931 Web Security References http://mixter.void.ru/exploit.html http://www.linuxjournal.com/article.php?sid=6701 http://www.linuxjournal.com/article.php?sid=2902 http://www.devbuilder.org/asp/dev_article.asp?aspid=43 http://immunix.org/StackGuard/discex00.pdf http://www.infosecwriters.com/texts.php?op=display&id=134 http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci549 024,00.html http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci549 024,00.html

9 CSCI 5931 Web Security Thank you Any Questions???

Download ppt "Buffer Overflow Maddikayala, jagadish. CSCI 5931 Web Security Prof. T. Andrew Yang Monday Feb. 23."

Similar presentations

Dynamic memory allocation

Dynamic memory allocation
Dynamic Memory Allocation in C.  What is Memory What is Memory  Memory Allocation in C Memory Allocation in C  Difference b\w static memory allocation.

Dynamic Memory Allocation in C.  What is Memory What is Memory  Memory Allocation in C Memory Allocation in C  Difference b\w static memory allocation.
Smashing the Stack for Fun and Profit

Smashing the Stack for Fun and Profit
Introduction to Memory Management. 2 General Structure of Run-Time Memory.

Introduction to Memory Management. 2 General Structure of Run-Time Memory.
What is a pointer? First of all, it is a variable, just like other variables you studied So it has type, storage etc. Difference: it can only store the.

What is a pointer? First of all, it is a variable, just like other variables you studied So it has type, storage etc. Difference: it can only store the.
CSc 352 Programming Hygiene Saumya Debray Dept. of Computer Science The University of Arizona, Tucson

CSc 352 Programming Hygiene Saumya Debray Dept. of Computer Science The University of Arizona, Tucson
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
DIEHARDER: SECURING THE HEAP. Previously in DieHard…  Increase Reliability by random positioning of data  Replicated Execution detects invalid memory.

DIEHARDER: SECURING THE HEAP. Previously in DieHard…  Increase Reliability by random positioning of data  Replicated Execution detects invalid memory.
Review: Software Security David Brumley Carnegie Mellon University.

Review: Software Security David Brumley Carnegie Mellon University.
Foundations of Network and Computer Security J J ohn Black Lecture #30 Nov 26 th 2007 CSCI 6268/TLEN 5831, Fall 2007.

Foundations of Network and Computer Security J J ohn Black Lecture #30 Nov 26 th 2007 CSCI 6268/TLEN 5831, Fall 2007.
Buffer Overflows By Tim Peterson Joel Miller Dan Block.

Buffer Overflows By Tim Peterson Joel Miller Dan Block.
Informática II Prof. Dr. Gustavo Patiño MJ 16- 18 24-09-2013.

Informática II Prof. Dr. Gustavo Patiño MJ
1 Day 03 Introduction to C. 2 Memory layout and addresses 5 10 12.5 9. 8 r s int x = 5, y = 10; float f = 12.5, g = 9.8; char c = ‘r’, d = ‘s’; 430043044308431243164317.

1 Day 03 Introduction to C. 2 Memory layout and addresses r s int x = 5, y = 10; float f = 12.5, g = 9.8; char c = ‘r’, d = ‘s’;
CSE 451: Operating Systems Section 1. Why are you here? 9/30/102.

CSE 451: Operating Systems Section 1. Why are you here? 9/30/102.
Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.

Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.
Stack buffer overflow http://en.wikipedia.org/wiki/Stack_buffer_overflow.

Stack buffer overflow
Dynamic Memory Allocation in C++. Memory Segments in C++ Memory is divided in certain segments – Code Segment Stores application code – Data Segment Holds.

Dynamic Memory Allocation in C++. Memory Segments in C++ Memory is divided in certain segments – Code Segment Stores application code – Data Segment Holds.
Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns Jonathan Pincus Microsoft Research Brandon Baker Microsoft Carl Hartung CSCI 7143:

Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns Jonathan Pincus Microsoft Research Brandon Baker Microsoft Carl Hartung CSCI 7143:
Memory Arrangement Memory is arrange in a sequence of addressable units (usually bytes) –sizeof( ) return the number of units it takes to store a type.

Memory Arrangement Memory is arrange in a sequence of addressable units (usually bytes) –sizeof( ) return the number of units it takes to store a type.

Similar presentations

Ads by Google