Corrupting Memory in C Programs

Corrupting Memory in C Programs
An Introduction

Prof. David Bernstein
James Madison University

Computer Science Department

bernstdh@jmu.edu

Motivation

Characteristics of C:
- Lightweight - Many things are the responsibility of the programmer, not the language
- Permissive - The language does not prevent the programmer from doing almost anything
- Close to the Machine - Many operations are defined in terms of how the target machine's hardware does it, not a general abstract rule
An Implication:
- C programs often manipulate memory at a low level and, hence, can corrupt memory

Kinds of Corruptions

Resulting from Buffer Overflow:
- Using memory locations adjacent to a buffer (e.g., an explicit array, a string)
Resulting from Pointer Defects:
- Using pointers to inappropriate addresses

What Can Be Corrupted?

Which Entities?
- Values
- Pointers to values
- Pointers to functions
- Return addresses
Which Memory Segments?
- Data segment
- Stack
- Heap

A String Overflow in the Data Segment

cexamples/bufferoverflow/unix/string_overflow_data.c