The Call Stack and Stack Overflows (example in C)

43,073 views

Jacob Sorber

1 day ago

Patreon ➤ / jacobsorber
Courses ➤ jacobsorber.thinkific.com
Website ➤ www.jacobsorber.com
---
The Call Stack and Stack Overflows (example in C) // Students usually hear about the stack early on, but many don't really take the time to look at how it works until it gives them trouble. This video shows you how the call stack works and what a stack overflow is (example C code included).
Related Videos:
Stacks: • How to Implement a Sta...
Make Videos:
+ • Learn make in 60 seconds.
+ • More make: automatic v...
***
Welcome! I post videos that help you learn to program and become a more confident software developer. I cover beginner-to-advanced systems topics ranging from network programming, threads, processes, operating systems, embedded systems and others. My goal is to help you get under-the-hood and better understand how computers work and how you can use them to become stronger students and more capable professional developers.
About me: I'm a computer scientist, electrical engineer, researcher, and teacher. I specialize in embedded systems, mobile computing, sensor networks, and the Internet of Things. I teach systems and networking courses at Clemson University, where I also lead the PERSIST research lab.
More about me and what I do:
www.jacobsorber.com
people.cs.clemson.edu/~jsorber/
persist.cs.clemson.edu/
To Support the Channel:
+ like, subscribe, spread the word
+ contribute via Patreon --- [ / jacobsorber ]
Source code is also available to Patreon supporters. --- [jsorber-youtube-source.heroku...]

Comments: 66
@jakobfredriksson2272 3 years ago
There's a difference between knowing a subject and understanding it, and Jacob, even though his name isn't spelled with a 'k', understands what he's talking about. That makes such a big difference; that's why I've learned more about C programming watching his stuff for two days than other stuff for two months. Subscriber (since two days)!
@JacobSorber 3 years ago
Welcome, Jakob. Glad you were able to overlook the 'c'. 😀
@ryshask 1 year ago
This is the best video I could find to refresh my memory on basic program execution after working on higher-level languages for so long. So many people put up videos that are apparent word salad with no real comprehension... as if they are trying to remember how it works while explaining it. Thank you, Jacob.
@a29stech33 3 years ago
I'm glad to have a tutor like you. You are the greatest tutor I've ever seen. You make complex concepts easy to understand. 🙏 Thank you so much 🙏
@JacobSorber 3 years ago
You're very welcome!
@aleksandarv.1459 10 months ago
Great explanation, keep up the good work!
@MarSonyTM 6 months ago
Thank you! All the videos are very helpful.
@yourlinuxguy 2 years ago
Good video; it was complicated for me, but you made it easy.💕
@xit 2 months ago
Thank you Dr. Sorber :D
@dixztube 1 year ago
This was so good!
@funhuninjastudio 3 years ago
It's been a long time since the last video... Happy to see another one :)
@soumyadipsaha8904 3 years ago
yes absolutely
@mohammedzaid6634 3 years ago
yeah
@JacobSorber 3 years ago
Thanks. Yeah, it's been a crazy fall. I'm glad I could get one out.
@rafalmichalski4893 3 years ago
Hello Jacob. Very interesting material as usual. Go ahead and make material about "Calling Conventions", as it is the next interesting topic in my opinion.
@santoshsco 3 years ago
Wow, what an amazing video, super helpful channel!!
@JacobSorber 3 years ago
Thanks. Glad you like it.
@mohammedzaid6634 3 years ago
Thank you so much for making videos like this; your videos are 100% fruitful for me!!!
@yjc149 1 year ago
great video!
@benjaminshinar9509 3 years ago
Great video as always! Question: I know that there's a 'randomize memory' option for the virtual memory of the process; how does it mesh with stack addresses and such?
@georgeb.6162 3 years ago
Very interesting. Thank you for the lesson. Thanks to you I've been writing a lot more examples in C lately; you motivated me to go back and write some data structures from scratch and actually understand them better than just calling a new List for literally every need.
@aabdev 3 years ago
Dear Jacob, thanks a lot for the tutorial.
1. What happens in the process (or in firmware) before main() launches?
2. Who determines the order of initialization of global variables (in the case of int g_val=foo();)?
3. What code copies the return address onto the stack frame?
4. Can a C function at runtime determine whether it has been called recursively just by exploring values in the RAM stack?
Regards, AB
@XenoTravis 3 years ago
I haven't coded in a long time. Got let go when the pandemic started, then developed a movement disorder. Your videos will be nice as a quick refresher.
@JacobSorber 3 years ago
Sorry to hear that. Glad I could help in some way. May the future be better than the recent past.
@Blu3wonder 2 years ago
Awesome video. Love when you matter-of-factly state the hex addresses are going up and down. Not everyone reads hex, bro 😂. Still, hyper useful tutorial.
@potreschmotre1118 3 years ago
Your channel is exceptional. Please keep up the good work!
@Kefford666 2 years ago
I really liked seeing you using lldb, that was insightful!
@ranjithmkumar 3 years ago
Hi Jacob, why can the frame address be in the middle sometimes?
@taieoo1189 1 year ago
ALL I CAN SAY IS THANK YOUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU.
@sumitbhosale3401 3 years ago
Can you please explain the "search.h" header file in C programming?
@aabdev 2 years ago
How do you count the number of stack frames in stack RAM just by looking at the stack RAM values?
@TheCocoaDaddy 3 years ago
Awesome video! I really like how you explain these concepts. Question: do you ever discuss how things like stack overflows, stack 'crushing', or buffer overflows can be used for hacking purposes? I don't mean from a "here's how you do it" perspective but from a "how it can be exploited" perspective? Or maybe even that might be too close to "how to do it". lol Anyway, thanks for posting!
@benjaminshinar9509 3 years ago
You might want to check this video by him: kzbin.info/www/bejne/bZ6ul4qog7aWoJI
@TheCocoaDaddy 3 years ago
@benjaminshinar9509 Thanks!
@smrtfasizmu6161 2 years ago
When a function is called, the instruction pointer is pushed on the stack, and when the function is over, that same value is popped from the stack and put back into the instruction pointer register. The instruction pointer basically tells the computer what the next instruction it should execute is. So, if you change the instruction pointer to point to a part of memory which you previously filled with your malicious machine code instructions, you have successfully hacked. How can you do this? Let's say a stack frame has room for 40 char variables. If you write more than 40 chars, you will start overwriting things which you shouldn't. First you will overwrite the base pointer, which is 8 bytes on a 64-bit PC. After these 8 bytes you will start overwriting the instruction pointer. You overwrite it with the memory address where you put your malicious machine code. For instance, you could put those machine code instructions in those 40 bytes which were reserved for 40 chars, which means that you overwrite the instruction pointer with the address of these 40 bytes. Now, you need to know the address of these bytes in order for this to work. Hackers can guess the address because compilers on Linux, at least, don't randomly choose where in memory they will put the stack frame for the main function. Jacob Sorber himself has a video about this where he talks about how on Mac compilers randomize where the main function will be put in memory. Another reason why this particular exploit won't work today is because by default you can't execute machine instructions from the stack. The programmer needs to make the stack explicitly executable when he compiles the program (-z execstack flag). So, this method is not going to work nowadays, but this is how it worked in the past, if I understand correctly. I am a beginner myself, so if you want something more instructive, this is the best that I can give you.
@bretzel30000 2 years ago
In the illustration of the stack and the heap and so on, there is a little gap above the stack. What's that?
@mahmoudyasser21299 3 years ago
Great video
@amdreadon2745 1 year ago
Hey Jacob, about the address from the main function: when we printed &i and __builtin_frame_address, the difference between the integer storage i and the SP was 4 bytes, all seems good, but when we called myfunc() the difference between &i and __builtin_frame_address turned out to be 8 bytes. I didn't get that behavior. Also, could you send the link related to this video, of using these commands?
@mohammedzaid6634 3 years ago
If you can, please make videos about in-depth usage of gdb. I mean how to use gdb more efficiently and its advanced features, from the beginning.
@JacobSorber 3 years ago
Sure. Are there specific things you would like to see? Or things you find cumbersome?
@mohammedzaid6634 3 years ago
@JacobSorber I mean, for me it's so hard to debug in gdb because I barely understand gdb, and I don't know a lot of the options in gdb. I just want to know how a pro like you uses gdb in real-life projects.
@mefjak000zpolszy6 11 months ago
I am wondering how the OS knows how much memory must be allocated for the program. I assume that a stack overflow occurs when stack memory addresses intersect with heap memory addresses?
@bbq1423 3 years ago
Now this is oddly convenient. I have been trying to implement a way to manually create stack frames all day. Those pesky segmentation faults and bus errors just keep on coming.
@smrtfasizmu6161 2 years ago
I did it by using inline assembly and it worked fine. Use objdump or gdb in order to inspect what the gcc compiler does to your functions; maybe you are repeating some operations that have already been done, or something to that effect. For instance, if the compiler emits the push %rbp / mov %rsp, %rbp instructions and you write them again, you will screw up, because you will have one pop %rbp and then when you call retq, instead of popping the previous instruction pointer you will pop the previous base pointer. This is what happened to me when I first wrote in assembly.
@selimeneskaraduman6935 3 years ago
Hello Jacob Sorber, do you think Rust will kill C/C++? Even if C/C++ is used in much important software and in IoT devices, I see many comments that Rust is going to replace C/C++ in the future because of its memory safety. There are other memory-safe languages like Go/Java/D, but they are slower than C/C++. However, it's said Rust is as fast as C/C++ and memory-safe; how is this possible? Other languages lose their speed for security but Rust doesn't. Can you make a video about these topics?
@XenoTravis 3 years ago
Well, Rust really isn't that much better than C++. Rust also isn't proven to be any safer or faster all around. It would take a long time for any language to take over C/C++, and since time is money I doubt major companies will switch. C++ is also still preferable to programmers who want the most control over the program.
@belesiu 3 years ago
@XenoTravis Interested in your comment that Rust isn't proven to be safer or faster than C++. Do you have any links or more information about this?
@selimeneskaraduman6935 3 years ago
@belesiu @Travis I wonder too
@framepointer 3 years ago
@XenoTravis "Well rust really isn't that much better than c++. Rust also isn't proven to be any safer or faster all around." This is big fat bullshit; you don't know what you're talking about.
@carsonholloway 3 years ago
Do you think you could make one on setjmp.h? I recently found some code with it, and was really confused about how it worked and what it was doing. Thanks
@JacobSorber 3 years ago
Like a how-to-implement-exception-handling-in-C video? That could be fun. Thanks. I'll see what I can do.
@AsmitPandit 2 years ago
Dude! You are an amazing instructor!! Have you already created a video where you walk the stack to find the stack trace? If not, humbly requesting you to :)
@cmdlp4178 3 years ago
Runtime stacktrace library please.
@kipchickensout 11 months ago
So... when you're reading it normally like you would in a disassembler/hex editor or whatever, the stack actually grows upwards? I get confused by everyone putting the high addresses in their examples at the top of the diagram. And with frame pointer you meant the base pointer and not the stack pointer, right?
edit: oooh yeah, so the stack pointer would in this case point to the address of the "return" variable on the stack, probably? Like...
0x0  | ...
0x4  | "return" var
0x8  | old base pointer
0xC  | return address
0x10 | "counter" arg
...
Frame pointer = 0x8
Stack pointer = 0x4
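The two questions above (why the &i to __builtin_frame_address gap changed between main() and myfunc(), and which way the stack actually grows) can be checked directly. This is an added example, not code from the video; it assumes GCC or Clang on a mainstream Linux target, where each call's frame lands at a lower address than its caller's, and treats the local-to-frame-base gap as something to measure rather than assume.

```c
#include <stdint.h>
#include <stdio.h>
/* Added example, not code from the video. Assumes GCC or Clang on a
 * mainstream Linux target, where the stack grows toward lower addresses. */
struct frame_info {
    uintptr_t frame;  /* __builtin_frame_address(0): this frame's base */
    uintptr_t local;  /* address of a local int living in this frame */
};

/* Recursive and never inlined, so every depth gets its own frame; the
 * addition after the call stops tail-call optimisation reusing one frame. */
__attribute__((noinline))
static int capture_frames(int depth, struct frame_info *out, int n)
{
    volatile int i = depth;  /* volatile: must live on the stack */
    out[depth].frame = (uintptr_t)__builtin_frame_address(0);
    out[depth].local = (uintptr_t)&i;
    if (depth + 1 < n)
        return i + capture_frames(depth + 1, out, n);
    return i;
}

/* 1 if each deeper call's frame sits at a lower address than its caller's. */
int frames_grow_downward(int n)
{
    struct frame_info fr[16];
    if (n < 2) n = 2;
    if (n > 16) n = 16;
    capture_frames(0, fr, n);
    for (int d = 1; d < n; d++)
        if (fr[d].frame >= fr[d - 1].frame)
            return 0;
    return 1;
}

/* Signed byte distance from a frame's local variable to its frame base; the
 * sign and size depend on the ABI and the compiler's frame layout. */
long local_to_frame_gap(void)
{
    struct frame_info fr[2];
    capture_frames(0, fr, 2);
    return (long)fr[0].frame - (long)fr[0].local;
}

int main(void)
{
    printf("grows downward: %d, local-to-frame gap: %ld bytes\n",
           frames_grow_downward(8), local_to_frame_gap());
    return 0;
}
```

Compile the same file at -O0 and at -O2 and the gap changes while the direction does not, which is the video's point: the distance between a local and the frame base is a compiler layout decision, not a fixed constant.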
@vanowik7518 3 years ago
Your videos are amazing. What kind of environment are you using for your C project?
@smrtfasizmu6161 2 years ago
I did not understand how stack frames work, or how the stack, base and instruction pointers work, until I looked at the assembly and then wrote a couple of functions in assembly myself. I was then surprised to find out that the first two arguments of a function on my Windows PC go into the ecx and edx registers, while on my Ubuntu they go into the esi and edi registers. Both my Ubuntu and my Windows compiler put the return value into the eax register, though. The Ubuntu compiler doesn't decrease the stack pointer if it is a leaf function which uses less than 128 bytes (I then found out that these 128 bytes for a leaf function are called the red zone). My Windows PC doesn't seem to have this red zone, but the Windows compiler sometimes puts a local variable on the other side of the base pointer (positive offset from the base pointer instead of negative offset), which never happens on my Ubuntu PC. When I write assembly I always decrease the stack pointer and put local variables at the negative offset, both when I am on Ubuntu and when I am on Windows. Even these little things that I learned about how functions work on my Ubuntu I wouldn't know without looking at the assembly. And the reason why I learned this is because it bugged me that I didn't understand how function calls work under the hood.
@jayocaine2946 2 years ago
No, a stack overflow is a website where people tell you someone already asked that question
@souptenderpanini3106 3 years ago
HE'S ALIVE!
@JacobSorber 3 years ago
Trying to be.
@johnsmith-rd3zx 2 years ago
666 base stack memory
667 neighbor of the beast
stack overflow by 1
@mohammedzaid6634 3 years ago
Aah, another thing: you always say "that is a topic for another video" or "I will talk about it in the future". Sometimes you do, but most of the videos I am anticipating are not shared.
@JacobSorber 3 years ago
Yeah, I hear you. I get a lot of requests and have a lot of ideas for future videos, but time is tight, and a lot still haven't been made.
@mohammedzaid6634 3 years ago
@JacobSorber Yes sir. I feel you; these times are so tight for me too. And I appreciate your work.
@natanojykaics2427 3 years ago
It's worrying how much you look like and talk like Matthew McConaughey