Jump to content
Nytro

Buffer-Overflow Vulnerabilities and Attacks

Recommended Posts

Buffer-Overflow Vulnerabilities and Attacks

1 Memory

In the PC architecture there are four basic read-write memory regions in a program: Stack, Data, BSS

(Block Started by Symbol), and Heap. The data, BSS, and heap areas are collectively referred to as the

”data segment”. In the tutorial titled “Memory Layout And The Stack” [1], Peter Jay Salzman described

memory layout in a great detail.

Stack:

Stack typically located in the higher parts of memory. It usually ”grows down”: from high

address to low address. Stack is used whenever a function call is made.

Data Segment

Data area:

contains global variables used by the program that are not initialized to zero. For

instance the string “hello world” defined by

char s[] = "hello world"

in C would

exist in the data part.

BSS segment:

starts at the end of the data segment and contains all global variables that are

initialized to zero. For instance a variable declared

static int i

would be contained in the

BSS segment.

Heap area:

begins at the end of the BSS segment and grows to larger addresses from there. The

Heap area is managed by

malloc

,

realloc

, and

free

. The Heap area is shared by all shared

libraries and dynamic load modules in a process

Download:

http://www.cis.syr.edu/~wedu/Teaching/cis643/LectureNotes_New/Buffer_Overflow.pdf

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...