P1L2 Software Security
Required Reading: The protection of information in computer systems
Required Reading 2: A study on the Morris Worm
Software vulnerabilities and how attackers exploit them
Buffer overflow
Stacks are used for:
- function/procedure calls
- allocation of memory for
  - local variables
  - parameters
  - control information (return address)
Defenses against attacks that try to exploit buffer overflows
Security programming
- code "defensively", expecting it to be exploited;
- do not trust the user "input".
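
Added example (not from the course material): the two rules above applied to a fixed-size stack buffer, with an unchecked copy shown next to a defensive one. The function names, the 16-byte buffer size and the sample inputs are assumptions made up for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 16   /* constructed size for this example */

/* Unsafe, for contrast: no bound on the copy. Input of NAME_BUF_SIZE bytes or
 * more writes past name[] into the rest of the stack frame, where the
 * control information (saved return address) lives. */
int greet_unsafe(const char *input, char *out, size_t out_len)
{
    char name[NAME_BUF_SIZE];
    strcpy(name, input);
    return snprintf(out, out_len, "hello %s", name);
}

/* Defensive: validate the untrusted input before it reaches the buffer.
 * Returns the number of characters written, or -1 if the input is rejected. */
int greet_safe(const char *input, char *out, size_t out_len)
{
    char name[NAME_BUF_SIZE];
    size_t n;
    int written;

    if (input == NULL || out == NULL || out_len == 0)
        return -1;
    /* Measure the input, but never look further than the buffer can hold. */
    for (n = 0; n < NAME_BUF_SIZE && input[n] != '\0'; n++)
        ;
    if (n == NAME_BUF_SIZE)
        return -1;                  /* too long: reject, do not truncate */
    memcpy(name, input, n);
    name[n] = '\0';                 /* n < NAME_BUF_SIZE, so this is in bounds */
    written = snprintf(out, out_len, "hello %s", name);
    if (written < 0 || (size_t)written >= out_len)
        return -1;                  /* output buffer too small */
    return written;
}

int main(void)
{
    char out[64];
    /* Constructed inputs: one short name, one 40-byte string. */
    printf("%d\n", greet_safe("alice", out, sizeof out));
    printf("%d\n", greet_safe("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", out, sizeof out));
    return 0;
}
```

Rejecting over-long input, rather than silently truncating it, keeps the caller aware that the data did not fit.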