This is an in-progress directory of some notable Ada programs related to my project. The heapexploits folder has 3 subdirectories: the pseudo-allocator code, the user storage pool code (stack), and the system storage pool (heap) code.
This project looks at the safeguards Ada 95 uses to protect against misuse and malice vs. dynamic memory. In Ada, dynamic memory can either be stored on the system storage pool located on the heap, or in user-defined storage pools, which exist on the stack. This project features the following parts:
- Pseudo-Allocator: This is a strictly proof of concept environment to introduce and explore exploits. Global variables are used instead of dynamic ones so that simple concepts can be displayed.
- System Storage Pool: In Ada 95, when the new keyword is used and the programmer doesn't specify a user pool, a pointer is created that points to data. The pointer is located on the stack and the data is located on the heap. Thus, attempts at attacking the heap data or stack pointers occur in this case.
- User-Defined Storage Pool: Since Ada standards note that dynamic memory allocation can be risky and unsafe, the language promotes utilizing storage pools to hold dynamic memory. These storage pools function like heaps but are located on the stack. As a result, this section focuses on using stack-based exploit ideas against user pools.
Linux x86 32-bit Ubuntu 14.04 Specs: 1-core CPU, 8gb ram
-gnatmake -gnat95 -gnatp -g <program.ada> I will document when alternate flags are used.
If you need to contact me, feel free to reach me at bkungl15@gmail.com