Today we exploit a buffer overflow in an assembly program to redirect the CPU to a function that we aren’t authorized to run! We then transition into our discussion of existing high-level languages. But first, why did we need something better than assembly?
Imagine you are an assembly programmer in the 1950s without knowledge of future technologies. What gripes do you have about your job?
We’ll fast-forward through a history of C and write one or two C programs, enjoying its advantages over assembly.
    .section .data
    secret:      .asciz "Third tree right of the buson.\n"
    prompt:      .asciz "Enter password: "
    out_message: .asciz "Your password is: %s.\n"

    .section .text
    .globl main
    main:
        call check_password
        # if password matches (%eax)
        #   jmp to secret
        # else
        #   exit 1
        pushl $1
        call exit

    only_when_authorized:
        pushl $secret
        call printf
        addl $4, %esp
        pushl $0
        call exit

    check_password:
        pushl %ebp
        movl %esp, %ebp
        subl $4, %esp           # reserve a 4-byte buffer on the stack
        pushl %esp              # argument: address of that buffer
        call gets               # gets() reads a whole line with no length limit
        addl $4, %esp
        pushl %esp              # argument: the buffer again
        pushl $out_message
        call printf
        addl $8, %esp
        # check password!
        # return in %eax some truth value
        addl $4, %esp           # release the buffer
        popl %ebp
        ret
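The listing's stack frame can be modelled safely in C to see which input lengths reach the saved return address, and why a bounded read does not. This is an added example, not code from the original page: the frame is simulated in a byte array, the two address constants and the sample inputs are constructed, and `ret_survives` and the `read_like_*` helpers are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of check_password's frame, lowest address first: the 4-byte buffer
   from `subl $4, %esp`, then saved %ebp, then the return address into main. */
enum { BUF_OFF = 0, BUF_LEN = 4, EBP_OFF = 4, RET_OFF = 8, FRAME_LEN = 12 };
#define SAVED_EBP 0xbffff6a8u /* constructed sample value */
#define RET_ADDR  0x08048415u /* constructed sample value */

static void frame_init(uint8_t *f) {
    uint32_t ebp = SAVED_EBP, ret = RET_ADDR;
    memset(f, 0, FRAME_LEN);
    memcpy(f + EBP_OFF, &ebp, sizeof ebp);
    memcpy(f + RET_OFF, &ret, sizeof ret);
}

/* gets(): copies the whole line plus a NUL, with no length check. The clamp
   to FRAME_LEN exists only so this model never writes outside its array. */
static void read_like_gets(uint8_t *f, const char *line) {
    size_t n = strlen(line) + 1;
    memcpy(f + BUF_OFF, line, n > FRAME_LEN ? FRAME_LEN : n);
}
/* fgets(buf, BUF_LEN, stdin): at most BUF_LEN - 1 characters plus a NUL. */
static void read_like_fgets(uint8_t *f, const char *line) {
    size_t n = strlen(line);
    if (n > BUF_LEN - 1) n = BUF_LEN - 1;
    memcpy(f + BUF_OFF, line, n);
    f[BUF_OFF + n] = '\0';
}

/* Returns 1 if the saved return address is unchanged after the read. */
int ret_survives(int bounded, const char *line) {
    uint8_t f[FRAME_LEN];
    uint32_t ret;
    frame_init(f);
    if (bounded) read_like_fgets(f, line); else read_like_gets(f, line);
    memcpy(&ret, f + RET_OFF, sizeof ret);
    return ret == RET_ADDR;
}

int main(void) {
    const char *inputs[] = { "abc", "abcdefg", "abcdefgh" }; /* constructed */
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("%-9s gets: ret %s   fgets: ret %s\n", inputs[i],
               ret_survives(0, inputs[i]) ? "intact" : "CLOBBERED",
               ret_survives(1, inputs[i]) ? "intact" : "CLOBBERED");
    return 0;
}
```

Seven characters already destroy the saved `%ebp`; the eighth pushes the terminating NUL into the return address, which is why the bounded read is the fix rather than a larger buffer.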