Overwriting the Return Address

The purpose of this demonstration is to show how user input can overflow a variable and change the return address on the stack. Your challenge is to enter data that will overflow the input buffer, allowing you to execute DontCallThisFunction(). Use the ASCII character whose numerical value is the start address of DontCallThisFunction.

General explanation of simulations

· The simulated program’s console screen is shown in the upper right corner.

· The grid on the right represents the 256 bytes of simulated memory in a 16 by 16 grid. The address of a given location is given by the row (the most significant, or leftmost, 4 bits) and the column (the least significant 4 bits).

· The program instructions occupy smaller addresses and are color coded to match the source code.

· A ‘*’ in the program memory represents the current program counter location. An ‘X’ represents the return location of a function call. Simple data types (such as char) are passed by value: the value of the parameter is copied to the stack. Complex data types (such as arrays) are passed by reference: the address of the parameter is pushed on the stack.

· Return addresses appear on the stack as a ‘$’. Addresses on the stack are represented as a ‘&’.

· Local variables are allocated on the stack.

· An input box will appear at the top when the simulated program requests user input. You can only enter letters. At times it may be useful to input a character that overwrites an address on the stack. The ASCII code of the character will be used as the address in the 256 bytes of simulated memory.

· All library functions, such as gets() and puts(), are assumed to be compiled inline and therefore don't require a function call.
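The overflow the simulation demonstrates comes from an unbounded read such as gets(), which keeps writing past the end of a local buffer until it reaches the saved return address. As an added example (not part of the simulator or its source), here is a bounded replacement in C that never writes beyond the buffer and reports when the input would have overflowed it; the 8-byte buffer size and the input strings are constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8              /* constructed: a small stack buffer like the simulation's */

enum read_status { READ_OK, READ_TRUNCATED, READ_EOF };

/*
 * Bounded replacement for gets(): copies at most size-1 bytes of one line
 * from `in` into `buf`, always NUL-terminates, and reports whether the line
 * was longer than the buffer. Excess bytes are drained from the stream, not
 * written, so nothing lands beyond the buffer (where the return address sits).
 */
enum read_status read_line_bounded(char *buf, size_t size, FILE *in)
{
    if (size == 0)
        return READ_TRUNCATED;
    if (fgets(buf, (int)size, in) == NULL) {
        buf[0] = '\0';
        return READ_EOF;
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';                /* whole line fit; drop the newline */
        return READ_OK;
    }
    int c = fgetc(in);
    if (c == EOF || c == '\n')
        return READ_OK;                     /* buffer held exactly the full line */
    while ((c = fgetc(in)) != EOF && c != '\n')
        ;                                   /* discard the part that would have overflowed */
    return READ_TRUNCATED;
}

char last_read[BUF_SIZE];                   /* destination buffer inspected by the tests */

/* Feed a constructed input string through a temporary file into last_read. */
enum read_status try_input(const char *input)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return READ_EOF;
    fputs(input, f);
    rewind(f);
    enum read_status st = read_line_bounded(last_read, sizeof last_read, f);
    fclose(f);
    return st;
}

int main(void)
{
    enum read_status st = try_input("AAAAAAAAAAAAAAAA\n");   /* 16 bytes into an 8-byte buffer */
    printf("status=%d (1 = truncated) buf=\"%s\"\n", st, last_read);
    return 0;
}
```

With gets() the same 16-byte line would have overwritten the 8 bytes after the buffer; here the first 7 bytes are kept, the rest is discarded, and the caller learns that the input was too long.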

This stack overflow simulation was created by Dr. Kenneth A. Williams. It is a modification of a program created by Dr. Susan Gerhart under NSF Award No. 0113627