Computing Reviews
Stack frames: a look from inside
Di Cataldo G., Apress, New York, NY, 2016. 171 pp. Type: Book (978-1-484221-80-8)
Date Reviewed: Jun 7 2017

Those of you who have written programs in C for Linux or Berkeley Software Distribution (BSD) computers may well have wondered how your compiled programs are loaded into memory for execution, and perhaps why you might select options like position-independent code. You might also wonder how hackers have been able to launch buffer-overflow attacks. This book should satisfy your curiosity.

There are three short chapters that introduce concepts like character encoding standards, integer number notations (binary, octal, and hex), and bitwise operations. Readers are advised that stack frame structures will be explored in a later chapter, and they are encouraged to install as virtual machines some of the four different Linux distributions that will be used in that chapter for testing.

Executables and libraries are discussed in chapter 4. The coverage is quite detailed; a couple of short C programs are listed, and readers are shown how these can be compiled into assembly code, and then assembled into object files. Commands for extracting symbols and performing disassembly are explored. Linker and loader operations are illustrated, and the differences between static and dynamic linking are considered. A shared library is then created, and the use of global offset tables and procedure linkage tables is shown in both diagram and list forms.

Chapter 5 occupies the last half of the book; in this chapter, the author explores the stack frame layout of function calls. The reader will gain an in-depth understanding of what happens when one function calls another and how data are passed from caller to callee.

Some graphical representations of stack structure are presented, and some conventions concerning stack content cleanup are discussed. A C program that calls short Fortran and Assembly functions is used to illustrate how different naming conventions may exist in different languages and how these differences may be accommodated.

The reader is then directed to manually copy a two-page test program (written in C) that can be used to dump its stack contents on the 32-bit and 64-bit operating systems mentioned in an earlier chapter. The differences between stack structures on each of these are then discussed using colors to highlight various components of dump listings. Some assembly code listings are used to illustrate that different compilers and different levels of code optimization can produce variations in prologue and epilogue code.

The final part of the chapter illustrates how shellcode can be executed by a program whose control flow has been hijacked by exploiting a vulnerability (such as a buffer overflow).

I managed to test most of the example code in the book using (in place of the suggested 64-bit Debian system) an equivalent Ubuntu system with a 32-bit Slackware virtual machine. My only real problem was that my attempt at exploiting a buffer-overflow vulnerability on the Ubuntu machine resulted in a core dump with the message “stack smashing detected”!

So I can recommend the book to anyone who wants to understand the structure of stack frames and the mechanisms that might be used to launch buffer-overflow attacks. But it would be nice if the publisher included errata and code for download on its website.

Reviewer: G. K. Jenkins
Review #: CR145334 (1708-0500)
Lists, Stacks, And Queues (E.1 ... )
General (D.4.0 )