期刊文献+

在堆栈缓冲区溢出中程序调用的分析和研究 被引量:1

Analysis and Research of Program Call in Stack Buffer Overflow
下载PDF
导出
摘要 缓冲区溢出漏洞是当前互联网中存在的最主要的威胁之一。该文针对缓冲区溢出漏洞的产生原理,在Intel386处理器的基础上,分析了堆栈和寄存器以及程序的调用规则,并以C/C++语言为例通过反汇编详细分析了程序内存的结构和管理。 Buffer overflows are the most serious threatens to the computer security. In this paper, according to the generation principle of buffer overflow vulnerabilities, analyze the stack and register as well as the rules of program call on the basis of Intel386 CPU, take C/C++ for example, through anti-assembler analysis the structure and management of program memory in detail.
作者 杨礼波 张志亮 YANG Li-bo1, ZHANG Zhi-liang2 (1.School of Information Engineering, North China University of Water Resources and Electric Power, Zhengzhou 450011, China; 2. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 610054, China)
出处 《电脑知识与技术(过刊)》 2010年第17期4686-4689,共4页 Computer Knowledge and Technology
关键词 缓冲区溢出 堆栈 寄存器 函数调用 程序内存结构 buffer overflow stack register function call structure of program memory
  • 相关文献

参考文献10

  • 1李毅超,刘丹,韩宏,卢显良.缓冲区溢出漏洞研究与进展[J].计算机科学,2008,35(1):87-89. 被引量:11
  • 2王业君,倪惜珍,文伟平,蒋建春.缓冲区溢出攻击原理与防范的研究[J].计算机应用研究,2005,22(10):101-104. 被引量:12
  • 3CERT/CC.Vulnerability notes by metric. http://www.kb.cert.org/vuls/bymetric .
  • 4Larry Rogers.Buffer Overflows What Are They and What Can I Do About Them. http://www.cert.org/homeusers/buffer_overflow.html .
  • 5Donaldson M.Inside the Buffer Overflow Attack:Mechanism,Method,&Prevention. http://rr.sans.org/code/inside-buffer.php .
  • 6Mayers N C.Memory management in C++. C++report . 1993
  • 7One A.Smashing the stack for fun and profit. http://immunix.org/StackGuard/profit.html . 1996
  • 8Aleph One.Smashing the Stack for Fun and Profit. http://phrack.org/show.php?p=49&a=14 .
  • 9E. Haugh,M. Bishop.Testing C Programs for Buffer Overflow Vulnerabilities. Proceedings of the 2003 Symposium on Networked and Distributed System Security (NDSS 2003) . 2003
  • 10Jonathan Corbet,Alessandro Rubini,Greg Kroah-Hartman.Linux Device Drivers. . 2005

二级参考文献44

  • 1Mark W Eichin, et al. An Analysis of the Intemet Virus of November 1988[ C]. IEEE Computer Society Press, 1989. 326-344.
  • 2微软网站. What You Should Know about the Blaster Worm[EB/OL]. http :∥www. microsoft. com/security/incident/blast. asp,2003.
  • 3.中国网络信息安全."震荡波"E变种病毒全面分析报告[EB/OL].http:∥www.china-infosec.org.cn/virus/index.php?id=7484&page=7484,2004.
  • 4ICAT. Top Ten List[ EB/OL]. http:∥icat. nist. gov/icat. cfm? function = topten ,2003.
  • 5Mark Donaldson. Inside the Buffer Overflow Attack: Mechanism,Method, & Prevention [ EB/OL]. http :∥rr. sans. org/code/inside_buffer. php,2002.
  • 6.对于缓冲区溢出的保护方法[EB/OL].瑞星网站http:∥it.rising. com. cn/newSite/Channels/Safety/SysSafety/Safe- Other/200210/31 - 153601950. htm,2002.
  • 7Crispin Cowan, et al. Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade [ C ]. DARPA Information Survivability Conference and Exposition, 2000.
  • 8Aleph One. Smashing the Stack for Fun and Profit [EB/OL]. http :∥phrack. org/show. php? p = 49&a = 14,2003.
  • 9Isno.Windows 下的 HEAP 溢出及其利用 [ EB/OL].http:∥www.xfocus. net/articles/200205/397. html,2002.
  • 10Conover, Matt. w00w00 on Heap Overflows[EB/OL]. http:∥www.w00w00. org/files/articles/heaptut. txt, 1999.

共引文献19

同被引文献13

引证文献1

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部