Q. What is a simple way to create a stack overflow vulnerability?

View solution

Q. What happens when a buffer of an unknown size is copied over into a limited-sized stack buffer?

View solution

Q. What is the most likely candidate to be stored in registers instead of the stack?

View solution

Q. What happens when a function tries to return to the caller?

View solution

Q. What is a common payload used in a typical buffer overflow?

View solution

Q. What is a strategy for determining the current stack address in a target program?

View solution

Q. What is a classic case of a trivial overflow bug?

View solution

Q. What is an example of a tool that can be used to disassemble a program?

View solution

Q. How are parameters passed in cdecl functions?

View solution

Q. What is the disadvantage of the optimization chosen by the compiler for unwinding function parameters?

View solution

Q. Why does the function end up using a bit more stack space?

View solution

Q. Which type of threads in Windows have a very limited stack space?

View solution

Q. What is the disadvantage of the function's stack unwinding approach from the program's perspective?

View solution

Q. Why is it important to ensure that the code that’s accessing a large block of stack space is properly aware of its size?

View solution

Q. What are intrinsic implementations?

View solution

Q. Why are string-manipulation routines historically a reason for vulnerabilities?

View solution

Q. What is the aim of using automatic, compiler-generated stack checking?

View solution

Q. How does automatic, compiler-generated stack checking work?

View solution

Q. What is the purpose of the cookie used in stack checking?

View solution

Q. Why does the cookie used in stack checking need to be a random number?

View solution