Week 2 Flashcards
When is buffer overflow possible? (general answer)
When working with memory unsafe languages like C & C++
In short, what is a buffer overflow attack?
Buffer overflow happens when an application written in a memory unsafe language (C/C++) has certain vulnerabilities, and an adversary passes a certain input to the application that allows the adversary to take over the machine that is running the code.
What is a Process?
a program in execution. When a program runs, the OS needs to keep the state of the program. It needs to keep the program’s contents in memory and on disk.
It also ensures that the process runs sequentially. If multiple processes share a single cpu, the OS must be able to start and stop them to effectively handle them.
What happens when a process is stopped?
Its data, memory utilization and execution context are saved out so that the CPU can resume this process from the same place later on.
How many processes are used for single program?
It depends. A single program may run one or multiple processes.
If the application is opened twice, two processes are opened, one for each instance.
If the application requires multiple processes on one instance, then opening another instance will require the same number of processes for itself.
Why does the OS run apps with the process abstraction?
It has to do with multiprogramming. At any point in time, the OS has to manage many applications at the same time.
The concept of a process packages all of a process’ info up nicely so that starting and stopping is easier.
How large is a process’ address space?
From 0 to 264 - 1 bytes
Where are apps run?
In the code or “text” section. It’s read only.
What is the Program Counter?
It points to the address of the next instruction to execute. It’s part of the code segment.
What happens as a program runs?
Temporaryt data gets pushed onto the stack. The stack grows from the top downwards.
When the function calls end, the stack stops tracking the data associated with the given functions.
We track the bottom of the stack (really the top) so we can ensure we don’t grow into the heap.
What is the Data Segment?
The part of memory that holds the global variables we will need. These are defined with the static keyword and are determined at compile time. They don’t change in size/length during the running of the program.
What is the Heap?
Stores dynamically allocated memory. It grows at runtime. The heap can grow and shrink.
What happens when not all of an application’s memory can fit into main memory?
When the process is running, the CPU keeps the context of each process in mind. What it does then it stores only the PC, stack pointer, and registers for the currently executing process.
What is a Process Control Block?
In the OS, each process gets a unique PID or process id. The OS maintains a table or array of process control blocks.
Each entry points to a process control block or PCB. The PCB stores the context of a process.
The PCB holds many values, including stack pointer, PC and registers. When P1 is executing, only the hardware registers are updated.
When P1 pauses, all of this information is stored in the PCB. PCB is not updating along with the CPU. It just gets the values when it finishes.
QUIZ:
Say we have a website that runs on some server. Might be like an http server or a database like mysql.
We also have clients that run on the web browser.
The apache web server will parse the http requests and respond with the appropriate information/content/site. The browser takes all the information, and renders the website.
If you’re the owner of the site, what assets do you need to you need to worry about?
- The web page – this includes the content. We want it unaltered and protected.
- The web server – if an attacker can compromise this, they can compromise the content of our pages.
- The database – we want to protect our data from hackers.
- The operating system – We need to protect this because if the attacker can get into it, other applications can be hijacked. They can take email, etc.