Chapter 5, Problem 8DQ

In each of the following C code snippets, there are issues that can prevent the compilerfrom applying certain optimizations. For each snippet:• Circle the line number that contains compiler optimization blocker.• Select the best modification to improve optimization.1. Which line prevents compiler optimization? Circle one: 2 3 4 5 6Suggested solution:• Remove printf or move it outside the loop.• Remove the loop.• Replace arr[i] with a constant value.1 int sum( int ∗ ar r , int n) {2 int s = 0 ;3 for ( int i = 0 ; i < n ; i++) {4 s += a r r [ i ] ;5 p r i n t f ( ”%d\n” , s ) ;6 }7 return s ;8 }2. Which line prevents compiler optimization? Circle one: 2 3 4 5 6Suggested solution:• Move or eliminate do extra work() if it’s not necessary inside the loop.• Remove the loop (but what about scaling?).• Replace arr[i] *= factor; with arr[i] = 0; (why would that help?).1 void s c a l e ( int ∗ ar r , int n , int f a c t o r ) {2 for ( int i = 0 ; i < n ; i++) {3 a r r [ i ] ∗= f a c t o r…

123456 A ROP (Return-Oriented Programming) attack can be used to execute arbitrary instructions by chaining together small pieces of code called "gadgets." Your goal is to create a stack layout for a ROP attack that calls a function located at 'Ox4018bd3'. Below is the assembly code for the function 'getbuf, which allocates 8 bytes of stack space for a 'char' array. This array is then passed to the 'gets' function. Additionally, you are provided with five useful gadgets and their addresses. Use these gadgets to construct the stack layout. Assembly for getbuf 1 getbuf: sub mov $8, %rsp %rsp, %rdi call gets add $8, %rsp 6 ret #Allocate 8 bytes for buffer #Load buffer address into %rdi #Call gets with buffer #Restore the stack pointer #Return to caller Stack each Layout (fill in Gadgets 8-byte section) Address Gadget Address Value (8 bytes) 0x7fffffffdfc0 0x7fffffffdfb8 0x7fffffffdfb0 0x7fffffffdfa8 0x7fffffffdfa0 0x7fffffffdf98 0x7fffffffdf90 0x7fffffffdf88 Original 0x4006a7 pop %rdi;…

Character Hex value || Character Hex value | Character Hex value 'A' 0x41 יני Ox4a 'S' 0x53 0x42 'K' 0x4b 'T" 0x54 0x43 'L' Ox4c 0x55 0x44 'M' Ox4d 0x56 0x45 'N' Ox4e 'W' 0x57 0x46 Ox4f 'X' 0x58 0x47 'P' 0x50 'Y' 0x59 'H' 0x48 'Q' 0x51 'Z' Охба 'T' 0x49 'R' 0x52 '\0' 0x00 Now consider what happens on a Linux/x86 machine when callfoo calls foo with the input string "ZYXWVUTSRQPONMLKJIHGFEDCBA". A. On the left draw the state of the stack just before the execution of the instruction at address Ox40053a; make sure to show the frames for callfoo and foo and the exact return address, in Hex at the bottom of the callfoo frame. Then, on the right, draw the state of the stack just after the instruction got executed; make sure to show where the string "ZYXWVUTSRQPONMLKJIHGFEDCBA" is placed and what part, if any, of the above return address has been overwritten. B. Immediately after the ret instruction at address 0x400543 executes, what is the value of the program counter register %rip? (That is…