14. Memory Safety Flashcards
(28 cards)
What is an operating system?
Interface between applications and the hardware
What are the execution modes on unix?
- user mode - kernel mode
What is user mode?
Access to resources through syscall to kernel
What is kernel mode
Direct access to resources
What is a process?
Program that is currently executing
What is a PID?
Process ID, used to identify a process
What is a fork?
Method by which a process starts a child process
How are file permissions represented in unix?
What’s a UID (unix)?
Real user ID, user that launched program
What is euid (unix)?
Effective user ID, user that owns program
What is the setuid property?
Sets euid of process to owner (as apposed to user that executed the program) to allow restricted access to sensitive resources
What direction does the heap grow?
Upwards
What direction does the stack grow?
Downwards
What does the text space contain?
- Program instructions - Static data
What is the stack comprised of?
Stack frames
What is in a stack frame?
- Arguments
- Return address
- Stack frame pointer
- Exception handlers
- Local variables
What is the EIP register?
Extended instruction pointer
What is ESP register?
Extended stack pointer
What is EBP register?
Extended base pointer, a more convenient way to access a functions parameters and local variables
What does the calling function do?
- Push arguments onto stack 2. Push return address onto stack 3. Jump to function address
What does the called function do?
- Push old frame pointer onto stack (edp) 2. Set frame pointer (ebp) to end of stack (esp) 3. Push local variables
What does the returning function do?
- Reset previous stack frame: esp = ebd, ebd = (ebd)
- Jump to return address: eip = 4(esp)
What does printf(“%08x”) do?
Since no arguments where provided, it will print 4 bytes from the stack
What does printf (“12345%n”, &i) do?
Writes 5 (bytes written) into i
