Buffer Lab Release Notes

4/28/2004

Closed a loophole that allowed some students to use the "candle" exploit string to receive credit for the "sparkler" and "firecracker" stages. The fix is a simple check to make sure validation only happens after proper function entry. Thanks to Prof. Bill Bynum, William and Mary.

1/20/2004

Some recent versions of Linux include a shield to avoid stack exploit problems. With this shield in place, the lab becomes much too difficult. On some systems, the shield can be disabled temporarily (until the machine is rebooted) by writing into the proc file system:
On older Linux 2.4 systems:
echo 0 > /proc/sys/kernel/exec-shield-randomize
On newer Linux 2.6 systems:
echo 0 > /proc/sys/kernel/randomize_va_space
You can make this happen automatically at boot time by including one of the above commands in /etc/rc.d/rc.local
Thanks to Umberto Villano.

3/31/2003

The old autograder would fail on programs compiled with newer versions of GCC because these versions use different amounts of stack padding than older versions. The new autograder now detects the amount of padding automatically, and thus works with any version of GCC. Thanks to Prof. Chris Carothers, RPI.
The autograder now includes the buffer bomb generation number on the status Web page.

10/16/2002

Minor modifications to improve the clarity of the writeup.
Minor modifications to the autograders:
- gengrades.pl now gives 0 points for an invalid submission rather than 1/4 credit.
- genhtml.pl no longer prints the border around icons.
- genhtml.pl now uses smaller more attractive icons.

6/3/2002

Initial release.

Last modified: Thu Jun 15 21:54:42 EDT 2006