P1L2 Software Security
Required Reading: The protection of information in computer systems
Required Reading 2: A study on the Morris Worm
Software vulnerabilities and how attackers exploit them
Buffer overflow
Stacks are used
- Function/procedure calls
- allocation of memory for
- local variables
- parameters
- control information (return address)
Defenses against attacks that try to exploit buffer overflows
Security programming
- code “defensively”, expecting it to be exploited;
- do not trust the user “input”.
Last updated on