20165214 2018-2017-1 "Information Security system Design Fundamentals" The third week study summary of learning Contents
1. In fact, the GCC command invokes a series of programs that convert the source code into executable code.
2, the actual realization of the memory system is to combine multiple hardware memory and operating system software.
3. ISA: Instruction set architecture, which defines the state of the processor, the format of the instruction, and the effect of each instruction on the state.
4, the program counter (in IA32, commonly referred to as "PC", denoted by%eip), indicates the address of the next instruction to be executed in memory.
5. The operating system is responsible for managing the virtual address space and translating the virtual address into the physical address in the actual processor memory.
6. If we want to get 32-bit code on a 64-bit machine, we can use the instructiongcc -m32 -S xxx.c
7. IA32 uses the stack frame structure to support procedure calls. The portion of the stack allocated for a single process is called a stack frame. Stack pointers can be moved, so most of the information is accessed relative to the stack frame. Note that if the procedure P (caller) calls the procedure Q (callee), then the Q parameter is placed in the stack frame of p. At the same time, the return address of P is pressed into the stack.
8, and we usually learn the stack is somewhat different: in the stack frame, the stack to the low address direction growth. So, if we want to increase the stack space, we have to do is to reduce the value of the stack pointer instead of increasing.
9, about the compilation of the relevant directives, in the last semester of the compilation of the course we have concluded, here will not repeat the summary.
10, about the C language pointer operation: if P is a pointer to data of type T, p is x, then the value of the expression P+i is X+l*i, where L is the size of T. Single operator&
Used to generate an address,*
Used to refer to an address indirectly.
11. After reading the third chapter of the textbook, the instruction used in the first chapter is used to assemble the test code in the class, and get the following:
The assembler code here is a bit different from the assembly code we learned earlier.
12, data alignment: In order to make the data better docking, many systems have aligned the data, stipulating that each type of data will have its own number of bytes, which can improve the efficiency of the computer.
13, buffer overflow: Sometimes, our input in the C language can be arbitrary input, such as the function gets () and so on. However, this can result in data overflow because the Get function divides a row by a space. If we specify a certain number of x for a character array, and we use the Get function to enter, enter more than x characters, and then press ENTER, you will find a buffer overflow, adversely affect the program, and even let the program execute functions that would otherwise not execute. This is the most common way to attack a system through a computer network.
14. Distinguish the concept of viruses and worms.
15. Buffer overflow attacks usually need to know the stack address of the target system. To prevent buffer overflow attacks, some systems take a policy that changes the position of the stack every time it is run. However, this method is not absolutely safe, and the use of blasting attacks can also be successful. So, further, GCC joins the "Canary value" by randomly generating a value when running the code, and then judging whether the function has been modified, depending on if the value has not changed.
Problems in teaching materials learning and the solving process
- Question 1:ieee What is the meaning of floating point numbers?
- Issue 1 Solution: IEEE floating-point numbers regulate the representation of a number. For example, 100, there are 1100 of the one-time Square,10 of the one-way expression. To standardize the representation of numbers, a unified set of representations is used, which is the IEEE floating-point number
- Question 2: How does a worm self-replicate from a computer that affects a computer?
- Issue 2 Solution: The problem has not been resolved.
Code Hosting
I do not know why, I do not count the number of code. No reason has been found.
Other
Before this class started, I thought it was still an extension of Java, and later found that it was more about C, and I also realized some of my shortcomings in C language. Next, we should focus on the shortcomings of this piece, let the next study smoother.
Learning progress Bar
|
lines of code (new/cumulative) |
Blog Volume (Add/accumulate) |
Learning Time (new/cumulative) |
Important Growth |
Goal |
5000 rows |
30 Articles |
400 hours |
|
First week |
63/63 |
1/1 |
7/7 |
|
Second week |
100/163 |
1/2 |
15/22 |
|
Second week |
|
2/4 |
16/38 |
|
2018-2019-1 20165214 "Information Security system Design Fundamentals" Third Week study summary