nwf
commented
2 years ago I've added src/exercises/buffer-overflow-stack to https://github.com/CTSRD-CHERI/cheri-exercises/pull/42/files . This is an expanded presentation of one of our slideware introductions to CHERI C. It has the benefit of mostly fitting on a single slide for side-by-side comparison, too.
I am unsure what to do about the existing debug-and-disassemble. On the one hand, it's a convenient sequel to compile-and-run, which are probably better programs to run first than buffer-overflow-stack, and it already has all the prose about tooling. On the other hand, I think the buffer-overflow-stack program is the right one to actually have people do it on, so perhaps I should move the prose over and change the order. Or perhaps I should factor the prose out to some common location and point at it from both.
Commentary on the contents of buffer-overflow-stack and/or on the above refactoring options would be most welcome. Pinging @rwatson and @brooksdavis and @gvnn3 and @kwitaszczyk in particular for their thoughts, if time permits.
The present "Compile and run" and "Disassemble and debug" exercises immediately jump into ABI. We'd like something a little gentler, like an address-taken stack buffer, to warm people up to the changes in generated code. We can then tell them about the linker/loader conspiracy to bound globals.