
callee:
    pushl %ebp           # save caller's %ebp on the stack
    movl  %esp, %ebp     # set up this frame's base pointer
    pushl %ebx           # save callee-saved %ebx
    subl  $20, %esp      # allocate space for locals
    ......
    popl  %ebx           # restore %ebx
    popl  %ebp           # restore %ebp
    ret                  # pop the saved return address and jump to it
1. If the stored value of %ebx is corrupted, then this register will not be restored properly, and so the caller will not be able to rely on the integrity of this register, even though it should be callee-saved.
2. If the stored value of %ebp is corrupted, then this register will not be restored properly, and so the caller will not be able to reference its local variables or parameters properly.
3. If the stored value of the return address is corrupted, then the ret instruction will cause the program to jump to a totally unexpected location.
Stack randomization has become standard practice in Linux systems. It is one of a larger class of techniques known as address-space layout randomization, or ASLR. With ASLR, different parts of the program, including program code, library code, stack, global variables, and heap data, are loaded into different regions of memory each time a program is run.
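To see the regions the paragraph lists move around, the following added program (not part of the original notes) takes one address from each region and reads the Linux ASLR setting. The struct and function names are this example's own; run the binary twice and compare the printed addresses.

```c
/* Added example (not from the notes): print one address from each region the
 * text lists and the Linux ASLR setting. Run twice; with ASLR on, they differ. */
#include <stdio.h>
#include <stdlib.h>

struct layout { void *code, *library, *stack, *heap, *global; };

static int a_global = 1;

/* One address per region: executable code, shared library code (printf may
 * resolve to a PLT stub in a non-PIE build), stack, heap and global data. */
struct layout sample_layout(void) {
    int local = 0;
    void *block = malloc(16);
    struct layout l = { (void *)sample_layout, (void *)printf,
                        (void *)&local, block, (void *)&a_global };
    free(block);            /* only the address is kept, never dereferenced */
    return l;
}

/* Meaning of /proc/sys/kernel/randomize_va_space; NULL for unknown values. */
const char *aslr_level_name(int level) {
    switch (level) {
    case 0:  return "disabled";
    case 1:  return "stack, mmap (libraries) and VDSO randomized";
    case 2:  return "stack, mmap, VDSO and brk heap randomized";
    default: return NULL;
    }
}

/* Current setting, or -1 when the file cannot be read (non-Linux, sandbox). */
int read_aslr_level(void) {
    FILE *f = fopen("/proc/sys/kernel/randomize_va_space", "r");
    int level = -1;
    if (f) {
        if (fscanf(f, "%d", &level) != 1) level = -1;
        fclose(f);
    }
    return level;
}

int main(void) {
    struct layout l = sample_layout();
    int level = read_aslr_level();
    const char *name = aslr_level_name(level);
    printf("randomize_va_space = %d (%s)\n", level, name ? name : "unknown");
    printf("code    %p\nlibrary %p\nstack   %p\nheap    %p\nglobal  %p\n",
           l.code, l.library, l.stack, l.heap, l.global);
    return 0;
}
```

With randomize_va_space set to 0 (or under `setarch -R`) the addresses repeat across runs, which is exactly the predictability ASLR removes.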
This post looks at the importance of address-space layout randomization (ASLR) for hardening programs on Linux systems. By walking through how key registers such as %ebx and %ebp and the return address are saved to and restored from the stack, it shows the problems that arise when those saved values are corrupted. It also describes how ASLR improves security by randomizing where each part of the program is placed in memory.




