Corrupting Memory in C Programs
An Introduction
Prof. David Bernstein
James Madison University
Computer Science Department
bernstdh@jmu.edu
Motivation
Characteristics of C:
Lightweight - Many things are the responsibility of the programmer, not the language
Permissive - The language does not prevent the programmer from doing almost anything
Close to the Machine - Many operations are defined in terms of how the target machine's hardware performs them, not by a general abstract rule
An Implication:
C programs often manipulate memory at a low level and, hence, can corrupt memory
Kinds of Corruptions
Resulting from Buffer Overflow:
Using memory locations adjacent to a buffer (e.g., an explicit array, a string)
Resulting from Pointer Defects:
Using pointers to inappropriate addresses
What Can Be Corrupted?
Which Entities?
Values
Pointers to values
Pointers to functions
Return addresses
Which Memory Segments?
Data segment
Stack
Heap
A String Overflow in the Data Segment
cexamples/bufferoverflow/unix/string_overflow_data.c
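The following is an added example, not the contents of string_overflow_data.c and not code from the original slides. It shows an unchecked string copy overwriting a value adjacent to a buffer in the data segment, beside a checked copy that rejects the same input. The names record, rec, flag, copy_unbounded and copy_bounded are hypothetical, and the layout assumes an ABI where flag starts immediately after the 8-byte name.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout: one initialized static object, so it lives in the data
   segment and `flag` follows `name` (separate globals may be placed in any
   order by the compiler and linker). */
struct record {
    char name[8];
    int  flag;                    /* the adjacent value that gets corrupted */
};
static struct record rec = { "guest", 0 };

/* strcpy-style copy: stops only at the NUL in src and never checks dst's size. */
static void copy_unbounded(char *dst, const char *src) {
    while ((*dst++ = *src++) != '\0') { }
}

/* Checked copy: refuses any string that does not fit, terminator included. */
static int copy_bounded(char *dst, size_t cap, const char *src) {
    size_t n = strlen(src);
    if (n >= cap) return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

/* Returns rec.flag after an unchecked copy. dst is formed from the whole struct
   so the stray bytes stay inside one object; input must be under sizeof rec. */
int flag_after_unbounded(const char *input) {
    rec = (struct record){ "guest", 0 };
    copy_unbounded((char *)&rec + offsetof(struct record, name), input);
    return rec.flag;
}

/* Returns rec.flag after the checked copy of the same input. */
int flag_after_bounded(const char *input) {
    rec = (struct record){ "guest", 0 };
    (void)copy_bounded(rec.name, sizeof rec.name, input);
    return rec.flag;
}

int main(void) {
    const char *input = "AAAAAAAAB";   /* 9 chars + NUL = 10 bytes into an 8-byte buffer */
    printf("unbounded: flag = %d\n", flag_after_unbounded(input));
    printf("bounded:   flag = %d\n", flag_after_bounded(input));
    return 0;
}
```

The program never assigns to flag after initialization, yet the unchecked copy leaves it nonzero because the ninth input byte lands in its storage.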