LAB 08 QUESTIONS SOLUTION

Answer the questions below according to the lab specification. Write
your answers directly in this text file and submit it to complete the
lab.

PROBLEM 1: Smashing
===================

Examine the obviously flawed code in `smash.c'.

,----
| #include <stdio.h>
|
| void fill_seq(int *a);
|
| int main(){
|   int arr[4];
|
|   fill_seq(arr);
|
|   for(int i=0; i<4; i++){
|     printf("[%d]: %d\n",i,arr[i]);
|   }
|
|   return 0;
| }
|
| #define END 8
| void fill_seq(int *a){
|   for(int i=0; i<END; i++){
|     a[i] = (i+1)*2;
|   }
| }
`----

Describe the kind of error that is occurring in this code and why it
is referred to as "stack smashing." Identify which part of the code is
causing the problem.
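
Added example (not part of the original lab handout or its solution): a bounded variant of `fill_seq' in which the caller passes the array capacity, checked by a small harness that places guard words around a 4-int array. The names `fill_seq_bounded', `cap', `GUARD', `struct guarded' and `guards_intact' are hypothetical and the guard value is constructed for this illustration.

```c
#include <stdio.h>
#include <stddef.h>

#define END 8                 /* sequence length used in smash.c */
#define GUARD 0x5AFEC0DE      /* constructed sentinel value (assumption) */

/* Writes at most cap elements, so the callee cannot run past the
   caller's array. Returns how many elements were written. */
size_t fill_seq_bounded(int *a, size_t cap){
  size_t n = cap < (size_t)END ? cap : (size_t)END;
  for(size_t i=0; i<n; i++){
    a[i] = ((int)i+1)*2;
  }
  return n;
}

/* Constructed harness: arr[4] sits between guard words inside one struct,
   so a write past arr[3] would change a guard instead of going unnoticed. */
struct guarded { int before; int arr[4]; int after[END-4]; };

/* Returns 1 if every guard word still holds GUARD after the fill
   and the array received the expected first and last values. */
int guards_intact(void){
  struct guarded g;
  g.before = GUARD;
  for(int i=0; i<END-4; i++) g.after[i] = GUARD;
  fill_seq_bounded(g.arr, sizeof g.arr / sizeof g.arr[0]);
  if(g.before != GUARD) return 0;
  for(int i=0; i<END-4; i++){
    if(g.after[i] != GUARD) return 0;
  }
  return g.arr[0]==2 && g.arr[3]==8;
}

int main(void){
  int arr[4];
  size_t n = fill_seq_bounded(arr, sizeof arr / sizeof arr[0]);
  for(size_t i=0; i<n; i++){
    printf("[%zu]: %d\n", i, arr[i]);
  }
  printf("guards intact: %d\n", guards_intact());
  return 0;
}
```

Building the original `smash.c' with `gcc -fstack-protector-strong' or `-fsanitize=address' makes the out-of-bounds writes visible at run time.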

 

PROBLEM 2: Movement Mistakes
============================

Analyze the files `posneg_main.c' and `posneg.s'.  The C code uses a
function in assembly and the assembly function has a common bug in it.

A
~

Compile the files together and run the resulting program. Explain why
the output appears strange.

B
~

Analyze the code in `posneg.s' carefully and compare the `movX / cmpX'
instructions used in the first few lines against the types of
variables in the `posneg_main.c' code.  You may want to step into this
function in GDB to look at the register values after the `movX'
instruction. Find a bug in this sequence and describe why it causes
the loaded value to appear negative.

C
~

Fix the bug in `posneg.s' and paste your corrected code below.

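        .text
        .globl  posneg
posneg:
        movl    (%rdi),%esi     # load the 4-byte value that %rdi points to
        cmpl    $0,%esi         # 32-bit signed compare against 0
        jl      .NEG
        movl    $0,%eax         # not negative: return 0
        ret
.NEG:
        movl    $1,%eax         # negative: return 1
        ret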

PROBLEM 3: Convert C to Assembly
================================

Convert the C function in the file `col_check.c' to x86-64
assembly. Note that the parameter is a packed struct, not a pointer to
a struct.

,----
| typedef struct{
|   int cur;            // current value in collatz sequence
|   int step;           // step number in collatz sequence
| } colinfo_t;
| // |       | Byte |   Byte | Packed |
| // | Field | Size | Offset |   Bits |
| // |-------+------+--------+--------|
| // | cur   |    4 |     +0 |   0-31 |
| // | step  |    4 |     +4 |  32-64 |
|
| int col_check(colinfo_t info){
|   // Analyzes values in the packed struct arg
|   // info to detect errors in it. An int
|   // comprised of set error bits is
|   // returned. Bit 0: cur field was 0 or
|   // below, Bit 1: step was negative, Bit 2:
|   // cur was 1 but step is negative.
|
|   int cur = info.cur;
|   int step = info.step;
|   int errs = 0;
|   if(cur <= 0){
|     errs = errs | 0x1; // 0b0001
|   }
|   if(step < 0){
|     errs = errs | 0x2; // 0b0010
|   }
|   if(cur==1 && step < 0){
|     errs = errs | 0x4; // 0b0100
|   }
|
|   return errs;
| }
`----