Preparation for Recitation on Beyond Stack Smashing
Read the paper by Jonathan Pincus and Brandon Baker, Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns.
Stack smashing is one of the most frequent attacks used on computer systems that run software written in the C programming language. Sidebar 11.4 on page 11-23 of the class text describes them, and you can use Section VI of our 2014 quiz to check your understanding in detail (solutions).
It's 100% not required reading for 6.033, but the original "paper" on stack smashing is a great read.
Most simple attacks won't work anymore, but attackers have come up with more sophisticated versions. This paper describes some of those versions. Each section describes a different category of attack; you should be able to understand simple examples of each attack (such as those given in the paper) as well as how the attacks differ. Despite prevantative measures in this area, new attacks are often developed in response.
As you read, think about the following:
- Stack-smashing requires an executable stack. Why not make the stack non-executable? Are there similar issues for the other attacks?
- How do these attacks relate to the guard model discussed in lecture?
Please answer the following question:
- The authors describe a variety of attacks. What is the root cause that allows these attacks to occur?
- Pick one of the attacks. How does it exploit that root cause?
- Why doesn't the C language prevent the root cause of these attacks?