Host-Based Vulnerability 1- When a program needs several DLLs, some of them may

Question

Host-Based Vulnerability

1- When a program needs several DLLs, some of them may need to be “rebased”. Describe what this process is and why it might be needed.

2- What is the difference between an “INT 3” breakpoint, an “INT3” (no space) breakpoint, and a hardware breakpoint?

- INT 3 (with space):

- INT3 (no space):

- Hardware:

3- With respect to a PE file, what is the difference between an EXE and DLL?

4- Explain each: CDECL, FASTCALL, STDCALL.

CDECL:

FASTCALL:

STDCALL:

5- Explain why the IDA Pro pseudocode generator shows us “while” loops but maybe not as many “for” loops.

Explanation / Answer

(1) It means to explicitly select a preferred load address when you link it. If an application needs to load a DLL whose preferred load address conflicts with primary that's already in use (by a previously loaded DLL), the operating system rebases the conflicting DLL by loading it at a different address that does not overlap and then adjusting all addresses; the format of a .DLL file includes relocation information that points to, This procedure is done at load time and it's time-consuming, but it also increases the memory footprint that the DLL takes.

(2) Hardware breakpoints: they are faster because they have dedicated registers and less overhead than software breakpoints. They are actually part of the processor. They are limited in number.

INT 3: this is x86 jargon for a trap instruction, a call to a predefined interrupt handler. x86 supports the INT instruction with an 8-bit operand specifying the number of the interrupt that occurred. The INT 3 instruction generates a special one-byte opcode (CC) that is intended for calling the debug exception handler, parameterized to replace the first byte of any instruction with a breakpoint.

(3) The term EXE is a shortened version of the word executable. Any EXE file contains the entry point, or the part in the code where the operating system is supposed to begin the execution of the application.

DLL: stands for dynamic link library, which commonly contains functions and procedures that can be used by other programs. A DLL file can be used in other applications as long as the coder knows the names and parameters of the functions and procedures in the DLL file.

(4) (a) CDECL is a calling convention that originates from the C programming language and is used by many C compilers for the x86 architecture. In it, the subordinate arguments are passed on the stack.

(b) FASTCALL: The fastcall calling convention specifies that arguments to functions are to be passed in integers.

(c) STDCALL: this tells the compiler the rules that apply for setting up the stack, pushing arguments and getting a return value; this is faster compared to others.
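
The address adjustment that answer (1) describes can be shown on a small scale. The following is an added example, not part of the original answer: it walks a PE-style base relocation block and patches each absolute pointer by the difference between the actual and preferred load address. The function names `rebase` and `demo` and the 0x20-byte sample image are constructed for illustration.

```python
import struct

# Relocation types from the PE format (high 4 bits of each 16-bit entry).
REL_ABSOLUTE, REL_HIGHLOW, REL_DIR64 = 0, 3, 10
WIDTH = {REL_HIGHLOW: "<I", REL_DIR64: "<Q"}

def rebase(image, reloc, preferred_base, actual_base):
    """Return a copy of a mapped image with its base relocations applied."""
    out = bytearray(image)
    delta = actual_base - preferred_base
    pos = 0
    while pos + 8 <= len(reloc):
        page_rva, size = struct.unpack_from("<II", reloc, pos)
        if size < 8 or size % 2 or pos + size > len(reloc):
            raise ValueError("malformed relocation block at offset %d" % pos)
        for (entry,) in struct.iter_unpack("<H", reloc[pos + 8:pos + size]):
            kind, rva = entry >> 12, page_rva + (entry & 0xFFF)
            if kind == REL_ABSOLUTE:      # padding entry, nothing to patch
                continue
            fmt = WIDTH.get(kind)
            if fmt is None:
                raise ValueError("unsupported relocation type %d" % kind)
            width = struct.calcsize(fmt)
            if rva + width > len(out):
                raise ValueError("relocation target outside image")
            (value,) = struct.unpack_from(fmt, out, rva)
            mask = (1 << (8 * width)) - 1
            struct.pack_into(fmt, out, rva, (value + delta) & mask)
        pos += size
    return bytes(out)

def demo():
    # Constructed sample: 0x20-byte "image" linked for base 0x10000000 with
    # two absolute 32-bit pointers, at RVA 0x04 and RVA 0x10.
    preferred, actual = 0x10000000, 0x10200000   # preferred range is taken
    image = bytearray(0x20)
    struct.pack_into("<I", image, 0x04, preferred + 0x1010)
    struct.pack_into("<I", image, 0x10, preferred + 0x0020)
    # One block for page RVA 0: two HIGHLOW entries plus two padding entries.
    reloc = struct.pack("<II4H", 0, 16, 0x3004, 0x3010, 0, 0)
    fixed = rebase(bytes(image), reloc, preferred, actual)
    return [hex(struct.unpack_from("<I", fixed, o)[0]) for o in (0x04, 0x10)]

if __name__ == "__main__":
    print(demo())
```

Every patched page becomes private to the process instead of being shared with other processes that loaded the same DLL, which is where the load-time and memory cost mentioned in the answer comes from.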