CS 330 Lecture 17 – C
Agenda
- what ?s
- buffer overflows
- gripes with assembly
- history of compilers and C
- atoi
- itoa
TODO
- Read The Descent to C. Write down 2-3 questions or observations on a 1/4 sheet.
Note
Today we exploit a buffer overflow in an assembly program to redirect the CPU to a function that we aren’t authorized to run! We then transition into our discussion of existing high-level languages. But first, why did we need something better than assembly?
Imagine you are an assembly programmer in the 1950s without knowledge of future technologies. What gripes do you have about your job?
We’ll fast-forward through a history of C and write one or two C programs, enjoying its advantages over assembly.
Code
overflow.s
.section .data
secret:
  .asciz "Third tree right of the buson.\n"
prompt:
  .asciz "Enter password: "
out_message:
  .asciz "Your password is: %s.\n"

.section .text
.globl main
main:
  call check_password
  # if password matches (%eax)
  #   jmp to secret
  # else
  #   exit 1
  pushl $1
  call exit

# Nothing in main calls or jumps to this label yet.
only_when_authorized:
  pushl $secret
  call printf
  addl $4, %esp
  pushl $0
  call exit

check_password:
  pushl %ebp
  movl %esp, %ebp
  subl $4, %esp        # reserve a 4-byte buffer on the stack
  pushl %esp           # argument: address of the buffer
  call gets            # unbounded read: input longer than the buffer
                       # overwrites the saved %ebp and the return address
  addl $4, %esp
  pushl %esp           # argument: address of the buffer
  pushl $out_message
  call printf
  addl $8, %esp
  # check password!
  # return in %eax some truth value
  addl $4, %esp        # release the buffer
  popl %ebp
  ret
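
For contrast with check_password in overflow.s, here is a bounded-read version in C. It is an added example, not code from the lecture; PASSWORD_CAP, read_line_bounded, try_input and the sample password are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define PASSWORD_CAP 16  /* assumed size; overflow.s reserves only 4 bytes */

/* Read one line into buf, writing at most cap bytes including the NUL.
 * Returns 0 if the whole line fit, -1 on EOF or an overlong line. */
int read_line_bounded(FILE *in, char *buf, size_t cap)
{
    if (cap == 0) return -1;
    if (fgets(buf, (int)cap, in) == NULL) { buf[0] = '\0'; return -1; }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';           /* complete line: strip the newline */
        return 0;
    }
    int c, extra = 0;                  /* no newline seen: drain the rest */
    while ((c = fgetc(in)) != EOF && c != '\n')
        extra = 1;                     /* the line had more than fit */
    if (extra) buf[0] = '\0';          /* reject a truncated password */
    return extra ? -1 : 0;
}

/* Returns 1 only when the line fit in the buffer and matches expected. */
int check_password(FILE *in, const char *expected)
{
    char buf[PASSWORD_CAP];
    if (read_line_bounded(in, buf, sizeof buf) != 0) return 0;
    return strcmp(buf, expected) == 0;
}

/* Feed a constructed input string to check_password via a temp file. */
int try_input(const char *input, const char *expected)
{
    FILE *f = tmpfile();
    if (!f) return -1;
    fputs(input, f);
    rewind(f);
    int ok = check_password(f, expected);
    fclose(f);
    return ok;
}

int main(void)
{
    printf("match: %d\n", try_input("swordfish\n", "swordfish"));
    printf("overlong: %d\n", try_input("swordfishAAAAAAAAAAAAAAAAAAAAAAAA\n", "swordfish"));
    return 0;
}
```

Because fgets is given the buffer's size, an overlong line can never reach the saved frame pointer or return address; it is rejected and drained instead.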