Recommended videos:
Understand the Linux memory architecture in 90 minutes: the advantages of NUMA, the slab implementation, and how vmalloc works
Three solutions to memory leaks and how they are implemented; knowing even one lets you handle development work with ease
1. Introduction to worms
2. Buffer overflow
3. Buffer overflow example
#include <stdio.h>

void echo()
{
    char buf[4];   /* buf is deliberately made very small */
    gets(buf);
    puts(buf);
}

void call_echo()
{
    echo();
}
/*echo*/
000000000040069c <echo>:
  40069c: 48 83 ec 18       sub    $0x18,%rsp   /* 0x18 == 24: 24 bytes of memory are allocated; more is allocated than the buffer needs */
  4006a0: 48 89 e7          mov    %rsp,%rdi
  4006a3: e8 a5 ff ff ff    callq  40064d <gets>
  4006a8: 48 89 e7          mov    %rsp,%rdi
  4006ab: e8 50 fe ff ff    callq  400500 <puts@plt>
  4006b0: 48 83 c4 18       add    $0x18,%rsp
  4006b4: c3                retq
/*call_echo*/
  4006b5: 48 83 ec 08       sub    $0x8,%rsp
  4006b9: b8 00 00 00 00    mov    $0x0,%eax
  4006be: e8 d9 ff ff ff    callq  40069c <echo>
  4006c3: 48 83 c4 08       add    $0x8,%rsp
  4006c7: c3                retq
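For contrast with the echo() above, an added example (not from the original page): the same 4-byte buffer filled through a length-checked read that cuts an over-long line to fit and discards the remainder. The names read_line_bounded, echo_bounded and stream_from are hypothetical, and the sample input is constructed.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

enum line_status { LINE_EOF = -1, LINE_OK = 0, LINE_TRUNCATED = 1 };

/* Read one line into buf (cap bytes including the NUL) without ever writing
 * past it. An over-long line is cut to fit and its remainder is consumed, so
 * the leftover bytes are not mistaken for the next line. */
enum line_status read_line_bounded(FILE *in, char *buf, size_t cap)
{
    if (cap == 0) return LINE_EOF;
    if (cap > INT_MAX) cap = INT_MAX;        /* fgets takes an int size */
    if (fgets(buf, (int)cap, in) == NULL) return LINE_EOF;

    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {   /* the whole line fit */
        buf[len - 1] = '\0';
        return LINE_OK;
    }
    int c, dropped = 0;                      /* no newline stored: drain the rest */
    while ((c = fgetc(in)) != EOF && c != '\n')
        dropped = 1;
    return dropped ? LINE_TRUNCATED : LINE_OK;
}

/* Bounded counterpart of the page's echo(): same 4-byte buffer. */
enum line_status echo_bounded(FILE *in, FILE *out)
{
    char buf[4];
    enum line_status st = read_line_bounded(in, buf, sizeof buf);
    if (st != LINE_EOF) fprintf(out, "%s\n", buf);
    return st;
}

/* Hypothetical helper: put a constructed input string into a temporary stream. */
FILE *stream_from(const char *text)
{
    FILE *f = tmpfile();
    if (f != NULL) { fputs(text, f); rewind(f); }
    return f;
}

int main(void)
{
    /* Constructed sample input: a short line, then a 26-byte line. */
    FILE *in = stream_from("abc\nABCDEFGHIJKLMNOPQRSTUVWXYZ\n");
    if (in == NULL) return 1;
    enum line_status st;
    while ((st = echo_bounded(in, stdout)) != LINE_EOF)
        if (st == LINE_TRUNCATED) fputs("(truncated)\n", stdout);
    fclose(in);
    return 0;
}
```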
4. The dangers of buffer overflows
5. How memory is laid out in a computer
6. Consequences of out-of-bounds access
typedef struct {
    int a[2];
    double d;
} struct_t;

double fun(int i)
{
    volatile struct_t s;
    s.d = 3.14;
    s.a[i] = 1073741824;   /* may be out of bounds */
    return s.d;
}

int main()
{
    printf(&
fun(0):3.14
fun(1):3.14
fun(2):3.1399998664856
fun(3):2.00000061035156
fun(6):Segmentation fault
7. Three ways to prevent buffer overflows
7.1 Stack randomization
int main()
{
    long local;
    printf(&
7.2 Detecting whether the stack has been corrupted
# void echo
    subq  $24,%rsp            # Allocate 24 bytes on stack
    movq  %fs:40,%rax         # Retrieve canary
    movq  %rax,8(%rsp)        # Store on stack
    xorl  %eax, %eax          # Zero out register
                              # a value is read from memory
    movq  %rsp, %rdi          # Compute buf as %rsp
    call  gets                # Call gets
    movq  %rsp,%rdi           # Compute buf as %rsp
    call  puts                # Call puts
    movq  8(%rsp),%rax        # Retrieve canary
    xorq  %fs:40,%rax         # Compare to stored value
                              # the function compares the value stored at the stack location with the canary value
    je    .L9                 # If =, goto ok
    call  __stack_chk_fail    # Stack corrupted
.L9:
    addq  $24,%rsp            # Deallocate stack space
    ret
7.3 Limiting executable code regions
8. Summary