computer security
4.4. A student proposes to change how the stack grows. Instead of growing from high address to low address, the student proposes to let the stack grow from low address to high address. This way, the buffer will be allocated above the return address, so overflowing the buffer will not be able to affect the return address. Please comment on this proposal.

4.5. In the buffer overflow example shown in Listing 4.1, the buffer overflow occurs inside the strcpy() function, so the jumping to the malicious code occurs when strcpy() returns, not when foo() returns. Is this true or false? Please explain.

4.6. The buffer overflow example was fixed as below. Is this safe?

    int bof(char *str, int size)
    {
        char *buffer = (char *) malloc(size);

        /* The following statement has a buffer overflow problem */
        strcpy(buffer, str);

        return 1;
    }

4.7. In exploit.c (Listing 4.2), when assigning the value for the return address, can we do the following? Do you think the return address will point to the shell code or not? Why?

    *((long *) (buffer + 0x24)) = buffer + 0x150;