Premium Partner
c2b_default

Dobin 0x11_MemoryLayout.pdf

Dobin 0x11_MemoryLayout.pdf

Dobin 0x11_MemoryLayout.pdf

9
0.0 (0)

Set of flashcards Details

Flashcards 9
Language English
Category Religion/Ethics
Level University
Created / Updated 21.06.2019 / 21.06.2019
Licencing Not defined
Weblink
https://card2brain.ch/box/20190621_dobin_0x11memorylayout_pdf
Embed
<iframe src="https://card2brain.ch/box/20190621_dobin_0x11memorylayout_pdf/embed" width="780" height="150" scrolling="no" frameborder="0"></iframe>

Describe the memory layout of a 32 bit system inluding the EIP and ESP pointer.

Log in to view images.

What are the charecteristics of the stack?

Stack:

  • There is one contiguous memory region containing the stack for the process
  • LIFO - Last in, First Out
  • Contains funtion local variables
  • Also contains: Saved Instruction Pointer (SIP)
  • Current function adds data to the top (bottom) of the stack

What are the charecteristics of the heap?

Heap: 

  • There is on contiguous memory region containing the heap
  • Memory allocator returns specific pieces of the memory region
  • For malloc()
  • Alos contains: heap management data

What is stored in the code region in memory?

Code region contains:

  • Compiled program code

What is the ELF format, and name 3 types.

Programs are stored in ELF files

ELF: Executable and Linkable Format

  • Like COFF, PE (EXE), ....

ELF types:

  • ET_EXEC: Executable File
  • ET_REL: Relocatable File
  • ET_DYN: Shared Object File

ELF "views"

  • Sections
  • Segments

Describe the ELF Format how is it structured?

Log in to view images.

Sturcture of ELF file from top to bottom:

  1. ELF Header
  2. Program Header Table (contains the location of sections)
  3. Sections (are contained in segments)
  4. Section Header Table (contains locationn of sections

In the ELF format what can be contained in the sections?

Sections:

  • .text: Executable instructions
  • .bss: Unitialized data (usualy the heap)
  • .data: initialized data
  • .rodata: Read-Only data
  • .got: Global Offset Table
  • .plt: Prcedure Linkage Table
  • .init / .fini: initialiyation instructions ("glibc")

How is an ELF file loaded what is loaded into the stack, heap and code block?

Log in to view images.

.plt, .text, .init get written into code block

.got, .data, .bss is written into the heap

unalocated space is the stack.