Question:

Consider the functions below, with both C code and compiled assembly provided. Recall that gets(buf) simply copies input into buf. The initial values of rsp, rbp, and rip are provided. The initial value of rip tells you the first instruction which will start to execute: the push at the start of test_func. You can assume that the leaveq instruction is equivalent to movq %rbp, %rsp followed by popq %rbp.

Initial State

```
%rip = 0x40002e
%rbp = 0xff0088
%rsp = 0xff0068
```

```c
void test_func() {
    int localArr[4] = {0xaddedfee, 0xfadedace, 0xcedeface, 0xabaddeed};
    get_buffer();
    printf("%x ", localArr[0]);
}
```

```
000000000040002e:
  40002e: push   %rbp
  40002f: mov    %rsp,%rbp
  400032: sub    $0x10,%rsp
  400036: movl   $0xaddedfee,-0x10(%rbp)
  40003d: movl   $0xfadedace,-0xc(%rbp)
  400044: movl   $0xcedeface,-0x8(%rbp)
  40004b: movl   $0xabaddeed,-0x4(%rbp)
  400052: lea    -0x10(%rbp),%rdi
  400056: callq  400016
  40005b: mov    -0x10(%rbp),%edx
  40005e: mov    $0x400794,%esi
  40006d: callq  40040
  400072: leaveq
  400073: retq
```

```c
void get_buffer() {
    char buf[8];
    gets(buf);
}
```

```
0000000000400016:
  40002c: leaveq
  40002d: retq
```

```c
void magic() {
    printf("+1 ");
}
```

```
0000000000400074:
  400074: push   %rbp
  400075: mov    %rsp,%rbp
  400078: mov    $0x400798,%edi
  40007d: callq  40040
  400082: pop    %rbp
  400083: retq
```

(d) Suppose you want to construct an input to make this program print "+1", as is done by the magic function. The input below includes the null character gets will add, and is nearly complete; fill in the single blank character.

```
ASCII  0    0    0    0    0    0    0    0    0    0    0    0    0    0    0    0    ??   \0
HEX    0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 ??   0x00
```

(e) Suppose you want to construct an input to make this program print 0xcedeface, instead of 0xaddedfee. The input below includes the null character gets will add, and is nearly complete; fill in the single blank character. Remember, %rbp is the base of a function's stack frame.

```
ASCII  0    0    0    0    0    0    0    0    ??   \0
HEX    0x30 0x30 0x30 0x30 0x30 0x30 0x30 0x30 ??   0x00
```
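The stack mechanics this question exercises, as an added simulation that is not part of the original question: it replays the two prologues, the unchecked copy gets() performs, and leaveq/retq over a byte array, starting from the initial register values given above, and contrasts that with a copy bounded to the buffer size. It assumes buf sits at -0x8(%rbp) in get_buffer (that listing is incomplete on this page; the 16 filler bytes in part (d) are consistent with it); `run`, `put`, `get`, `struct state` and the sample input are names and values constructed here.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BASE 0xff0030u            /* simulated stack bytes: 0xff0030..0xff008f */
static uint8_t mem[0x60];

/* Little-endian store/load of n bytes, as x86-64 does. */
static void put(uint64_t a, uint64_t v, int n) {
    for (int i = 0; i < n; i++) mem[a - BASE + i] = (uint8_t)(v >> (8 * i));
}
static uint64_t get(uint64_t a, int n) {
    uint64_t v = 0;
    for (int i = 0; i < n; i++) v |= (uint64_t)mem[a - BASE + i] << (8 * i);
    return v;
}

struct state { uint64_t rip, rbp; uint32_t edx; };

/* Replays test_func through get_buffer's return. `limit` caps the bytes copied
 * into buf: pass SIZE_MAX to model gets(), or sizeof buf for a bounded read. */
struct state run(const uint8_t *in, size_t n, size_t limit) {
    static const uint32_t arr[4] = {0xaddedfee, 0xfadedace, 0xcedeface, 0xabaddeed};
    uint64_t rsp = 0xff0068, rbp = 0xff0088;
    memset(mem, 0, sizeof mem);
    rsp -= 8; put(rsp, rbp, 8); rbp = rsp;      /* push %rbp; mov %rsp,%rbp */
    rsp -= 0x10;                                /* sub $0x10,%rsp */
    for (int i = 0; i < 4; i++) put(rbp - 0x10 + 4 * i, arr[i], 4);
    rsp -= 8; put(rsp, 0x40005b, 8);            /* callq pushes the return address */
    rsp -= 8; put(rsp, rbp, 8); rbp = rsp;      /* get_buffer prologue */
    uint64_t buf = rbp - 8;                     /* ASSUMPTION: buf at -0x8(%rbp) */
    if (n > limit) n = limit;
    if (n > 0x18) n = 0x18;                     /* keep the copy inside the model */
    memcpy(&mem[buf - BASE], in, n);            /* the copy gets() performs */
    rsp = rbp; rbp = get(rsp, 8); rsp += 8;     /* leaveq */
    struct state s = { get(rsp, 8), rbp, 0 };   /* retq pops the new %rip */
    if (rbp >= BASE + 0x10 && rbp <= BASE + sizeof mem + 0xc)
        s.edx = (uint32_t)get(rbp - 0x10, 4);   /* what 40005b loads via this %rbp */
    return s;
}

int main(void) {
    const uint8_t in[10] = {'0','0','0','0','0','0','0','0', 'h', 0}; /* constructed */
    struct state a = run(in, sizeof in, SIZE_MAX), b = run(in, sizeof in, 8);
    printf("gets:    rbp=%#llx edx=%#x\n", (unsigned long long)a.rbp, a.edx);
    printf("bounded: rbp=%#llx edx=%#x\n", (unsigned long long)b.rbp, b.edx);
    return 0;
}
```

With the copy capped at sizeof buf, the saved %rbp and the return address keep the values the prologue and callq stored, which is the property gets() cannot guarantee.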
