Nytro Posted July 18, 2013 Report Posted July 18, 2013 Buffer-Overflow Vulnerabilities and Attacks1 MemoryIn the PC architecture there are four basic read-write memory regions in a program: Stack, Data, BSS(Block Started by Symbol), and Heap. The data, BSS, and heap areas are collectively referred to as the”data segment”. In the tutorial titled “Memory Layout And The Stack” [1], Peter Jay Salzman describedmemory layout in a great detail.Stack:Stack typically located in the higher parts of memory. It usually ”grows down”: from highaddress to low address. Stack is used whenever a function call is made.Data Segment– Data area:contains global variables used by the program that are not initialized to zero. Forinstance the string “hello world” defined bychar s[] = "hello world"in C wouldexist in the data part.– BSS segment:starts at the end of the data segment and contains all global variables that areinitialized to zero. For instance a variable declaredstatic int iwould be contained in theBSS segment.– Heap area:begins at the end of the BSS segment and grows to larger addresses from there. TheHeap area is managed bymalloc,realloc, andfree. The Heap area is shared by all sharedlibraries and dynamic load modules in a processDownload:http://www.cis.syr.edu/~wedu/Teaching/cis643/LectureNotes_New/Buffer_Overflow.pdf Quote
