Data representation 5: Undefined behavior, assembly

Overview

We investigate the consequences of undefined behavior, run a simple stack-smashing attack, and begin the assembly unit.

Signed integer overflow is undefined behavior

datarep-arith/ubsignedinc three ways:

  1. SAN=1 (sanitized, optimized)
  2. SAN=0 O=0 (not sanitized, not optimized)
  3. SAN=0 (not sanitized, optimized)

More examples of undefined behaviors

Consequences

Optimizers and undefined behavior

  1. ./ubsignedloop 0 0x7fffffff (SAN=1, SAN=0, SAN=0 O=0)
  2. ./ubtable 4 (SAN=1, SAN=0 O=0, SAN=0)

Smashing the stack, and intro to assembly

Aside: Internal metadata

Aside: Representing sets bitwise

Bitset example