L23: Buffer Overflows & System Calls

Creating graphical user interfaces (GUIs) across multiple platforms.

What is GTK+ used for?

Opaque data structures accessed via functions.

What type of data structures does GTK+ use for GUI elements?

strncpy().

What function should be used instead of strcpy() to avoid buffer overflows?

Control can be hijacked, preventing return to main()

What happens when a buffer overflow overwrites a return address on the stack?

On the stack.

In a 32-bit or 64-bit program, where are local variables typically stored?

Dumps a section of stack memory for inspection.

What does the walk() function do in the example?

Address Space Layout Randomization – it randomizes memory layout each run.

What is ASLR?

Use setarch x86_64 -R your_binary.

How can you disable ASLR for debugging purposes?

-fno-stack-protector and -z execstack

What compiler flags remove stack protections for testing buffer overflows?

System calls, page faults, signals, and hardware interrupts.

What causes a transition from user mode to kernel mode?

The interface between user-space processes and the OS kernel.

What are system calls?

open(), read(), write(), or close().

Give an example of a file-related system call.

You create a file descriptor leak.

What happens if you don’t call close() on a file descriptor?

Via registers, though they may also be stored on the stack.

How are arguments typically passed to functions in modern systems?

To directly insert CPU instructions for low-level control.

What is the purpose of inline assembly in C?

It increments the register value by 1.

What is the result of this inline assembly: add $1, %0?