Assignment 2, due Feb 5
Part of
the homework for 22C:169, Spring 2010
|
Always, on every assignment, please write your name legibly as it appears on your University ID and on the class list! All assignments will be due at the start of class on the day indicated (usually a Friday), and unless there is what insurance companies call "an act of God" - something outside your control; the only exceptions to this rule will be by advance arrangement.
a) Estimate the size of typical objects you have used for dynamic data structures in programs you have written. If a page is 4K bytes, what is the overhead this scheme imposes. Estimate overhead two ways, as a fraction of available RAM, and as a fraction of the address space. (0.5 points)
b) Note that the buffer overflow demonstrated in Friday's class was an attack on a buffer that was part of the activation record of a subroutine. As described above, this scheme may not protect against buffer overflows in local or global variables. Whether it does or does not protect against such attacks depends on the interpretation of one phrase. Identify that phrase and explain why the likely interpretation does not include global variables and might not include local variables. (0.5 points)
a) What does this prevent? (0.5 points)
b) What complexity does it introduce that is avoided when a program is always run from the same virtual address each time it is loaded? (0.5 points)
a) Explain what part of the function of execve() on this system could be implemented using the semantics of unmap() and mmap(). (0.5 points)
b) Explain what part of the function of execve() on this system would require memory to memory copying and cannot be done by mmap(). (0.5 points)
c) With this approach to implementation, where does the static segment go relative to the program segment and the stack segment? (0.5 points)
d) How does this use of mmap() come in conflict with one or more of the defenses against buffer overflow attacks we have discussed? (0.5 points)