Spring 2010

Preparation for Recitation 21

For today, read paper 20 from the reading list: Jonathan Pincus and Brandon Baker. Beyond stack smashing: recent advances in exploiting buffer overruns. IEEE Security and privacy, August 2004.

Stack smashing is one of the most frequent attacks used on computer systems that run software written in the C programming language (see sidebar 11-4 on page 11-751 of the class notes). Most simple attacks won't work anymore, but attackers have come up with more sophisticated versions. This paper describes some of those versions. As you read this paper, you may ask yourself what is the root problem that allows stack smashing?

Questions or comments regarding 6.033? Send e-mail to the 6.033 staff at or to the 6.033 TAs at

Top // 6.033 home //