NOP slide
Encyclopedia
In computer CPUs, a NOP slide, NOP sled or NOP ramp is a sequence of NOP
(no-operation) instructions (on Intel x86
, this is the opcode
0x90) meant to "slide" the CPU's instruction execution flow to its final, desired, destination. Generally a NOP slide will be used in cases where execution will branch
into a position that cannot be determined with absolute accuracy, therefore "padding" the memory area before and after the approximate branch address is performed in the hope of avoiding an exception which would cause the program or system to crash. Once the CPU branches anywhere within the NOP slide, its instruction pointer (IP) will "slide" to its final destination, where there is valid code to be executed.
NOP slides can be used in buffer overflow
and similar exploits designed to take over a program's execution path, or in defensive programming such as in EMC aware programming
.
NOP
In computer science, NOP or NOOP is an assembly language instruction, sequence of programming language statements, or computer protocol command that effectively does nothing at all....
(no-operation) instructions (on Intel x86
X86 architecture
The term x86 refers to a family of instruction set architectures based on the Intel 8086 CPU. The 8086 was launched in 1978 as a fully 16-bit extension of Intel's 8-bit based 8080 microprocessor and also introduced segmentation to overcome the 16-bit addressing barrier of such designs...
, this is the opcode
Opcode
In computer science engineering, an opcode is the portion of a machine language instruction that specifies the operation to be performed. Their specification and format are laid out in the instruction set architecture of the processor in question...
0x90) meant to "slide" the CPU's instruction execution flow to its final, desired, destination. Generally a NOP slide will be used in cases where execution will branch
Branch (computer science)
A branch is sequence of code in a computer program which is conditionally executed depending on whether the flow of control is altered or not . The term can be used when referring to programs in high level languages as well as program written in machine code or assembly language...
into a position that cannot be determined with absolute accuracy, therefore "padding" the memory area before and after the approximate branch address is performed in the hope of avoiding an exception which would cause the program or system to crash. Once the CPU branches anywhere within the NOP slide, its instruction pointer (IP) will "slide" to its final destination, where there is valid code to be executed.
NOP slides can be used in buffer overflow
Buffer overflow
In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety....
and similar exploits designed to take over a program's execution path, or in defensive programming such as in EMC aware programming
EMC Aware Programming
Electromagnetic compatibility –aware programming involves writing software which is resilient to errors induced by electromagnetic fields.-Motivation:...
.
Example
If you were writing a numbered list of things for a person to do and you didn't know where he might start, you could add many "no operation" steps at the beginning and end, so that in most cases he would do something predictable, rather than beginning in the middle of the important steps.- Continue.
- Continue.
- Continue.
- Continue.
- Place key in lock.
- Turn key.
- You're done.
- Continue.
- Continue.
- Continue.
- Continue.
- Go to step 1.
Sources
- Use of a NOP slide to compromise a system