EC521 Lec13 (Software Security)

In what form do most files come in

binary files

What happens when developers write code

The code compiler converts them into binary code that the CPU later executes

What are the stages of compilation

1. Your file is created

2. Preprocessor deals with #includes and macros

3. compiler deals with optimizations and makes assembly code

4. assembler takes assembly code and produces object file (machine code that can be directly executed by CPU)

5. linker produces executable for cpu and merges together all your source files into single executable

What is Assembly

A low level language that maps the operations performed by the CPU

One ___ instruction = one CPU instruction

How are Assembly instructions identified

They are identified by mnemonics (what the instruction does) followed by a variable number of arguments

How many syntaxes can you see with Assembly

1. Intel — <mnemonic> <dst>,<src>

2. AT&T — <mnemonic><src>,<dst>

What size are the registers of an x86 32bit CPU

32bits

How many general purpose registers are in a x86 CPU and what do they do?

4 Registers and they store data/operands/pointers

eax, ebx, ecx, edx

Assembly instructions can access smaller portions of these registers for backwards compatibility

What are the special registers in a CPU

1. PC (Program Counter) → contains the address of the next instruction to be executed

2. Stack pointer → Keeps track of your current local variables and control information for the current function

   1. Frame pointer → points at the stop of the stack

What is a Flag in a CPU

Special registers that contain information about operands, for example an overflow flag

What are some examples of instructions

• Nop - do nothing (good for preventing hazards/synchronization)

• add

• sub

• jmp - jump (je,jle,jg — conditional jumps)

• and, or, xor

  • int - interrupts (execute system calls)

What endian architecture is x86

little endian — least significant byte stored first

What is the executable file format

Executable code gets encapsulated in an “envelope” that contains all the information required to run it.

What is the most common file format in Linux

The executable linkable format (ELF)

What does ELF format contain

a header specifying the type of file (executable, library), the architecture, and offset of segments

various segments containing the programs code (.text) and data (.data)

Debug information

What does a debugger allow you to do

Start, stop, program execution

What are some useful gdb commands

r — runs the program

b — sets the breakpoint
set" allows you to modify the value of a register

"c" continues the execution

"si" steps to the next instruction

What is memory layout

when a program is executed, the operating system loads it into virtual memory and assigns a memory region to it — program can access this regions and nothing else

What does a memory region of a program store?

1. Executable code — program’s code and libs

2. global data — this is what we had in the assembly program

3. temporary (function) data — stack

4. dynamic (malloc) data — heap