Preparation for Recitation on Beyond Stack Smashing

Read the paper by Jonathan Pincus and Brandon Baker, Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns.

Stack smashing is one of the most frequent attacks used on computer systems that run software written in the C programming language. Sidebar 11.4 on page 11-23 of the class text describes them, and you can use Section IV of our 2014 quiz to check your understanding in detail (solutions).

It's 100% not required reading for 6.033, but the original "paper" on stack smashing is a great read.

Most simple attacks won't work anymore, but attackers have come up with more sophisticated versions. This paper describes some of those versions. Each section describes a different category of attack; you should be able to understand simple examples of each attack (such as those given in the paper) as well as how the attacks differ. Despite prevantative measures in this area, new attacks are often developed in response.

As you read, think about the following:

Please answer the following question: