Life of Functions on Stack

This week we consider as to how function invocations happen and how stack plays a big role here. In coming weeks we also discuss how the stack can be exploited to one’s advantage by orchestrating

1. BufferOverflows AKA Stack Smashing

2. Ret2libc

3. ROP attacks

To understand the exploitations a basic understanding of the stack and how it works is very important.

The process when loaded in memory reserves a section for the stack in memory.

The process layout in memory looks like this

The bottom part of the virtual address space represents the lowest memory segment while the top represents the highest memory segment. So one can make out from the diagram, that the stack is growing towards the lower memory. This mental model is key when we look at how the compiler generates the address of the various arguments and parameters and how they are referenced within the function.

The stack itself constitutes of stack frame. There is one stack frame allocated per function. Before we go into more details on function invocation and frames it is important to understand the roles of some of the registers.

1. ESP — This register always points to the top of the stack. As the values are pushed and popped the ESP is…