Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Consider a MIPS assembly language program that contains a function normal_user() that reads input from the MIPS input address. The function normal_user() groups the 8-bit
Consider a MIPS assembly language program that contains a function normal_user() that reads input from the MIPS input address. The function normal_user() groups the 8-bit ASCII characters from the input together into groups of four (making 32-bit numbers) and then pushes those 32-bit numbers onto the stack. Then normal_user() calls a bunch of other functions before popping those numbers back off the stack. There is another function in the program called secure_admin() that does some- thing very important that should never be done by a user who is using the function normal_user(). There is no call to the function secure admin() anywhere in the code for normal_user(). Oh no! The programmer that wrote normal_user() made a horrible mistake and forgot to pop the final group of four ASCII characters (the final 32-bit number) off the stack! This was the last thing that normal_user() does before it loads register $31 back off the stack and ends the function with jr $31 as usual. How could an evil user, who is only allowed to type input into normal_user(), take ad- vantage of this mistake to trick the program into running the secure-admin() function even though it was not supposed to? You can assume the entire program is stored in memory at addresses less than 231. You can assume the evil user can read the program's assembly language source code, but cannot modify it. Submit the file a4q4.pdf or a4q4.txt (3 Marks). Consider a MIPS assembly language program that contains a function normal_user() that reads input from the MIPS input address. The function normal_user() groups the 8-bit ASCII characters from the input together into groups of four (making 32-bit numbers) and then pushes those 32-bit numbers onto the stack. Then normal_user() calls a bunch of other functions before popping those numbers back off the stack. There is another function in the program called secure_admin() that does some- thing very important that should never be done by a user who is using the function normal_user(). There is no call to the function secure admin() anywhere in the code for normal_user(). Oh no! The programmer that wrote normal_user() made a horrible mistake and forgot to pop the final group of four ASCII characters (the final 32-bit number) off the stack! This was the last thing that normal_user() does before it loads register $31 back off the stack and ends the function with jr $31 as usual. How could an evil user, who is only allowed to type input into normal_user(), take ad- vantage of this mistake to trick the program into running the secure-admin() function even though it was not supposed to? You can assume the entire program is stored in memory at addresses less than 231. You can assume the evil user can read the program's assembly language source code, but cannot modify it. Submit the file a4q4.pdf or a4q4.txt
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started