Re: Stack overflows.

Systemkennung Linux (linux@mailhost.uni-koblenz.de)
Thu, 19 Dec 1996 12:55:36 +0100 (MET)


> With all the interest in buffer overflows lately, I was wondering if Intel
> MM allows you to make the stack frame non-executable? I think someone made
> a patch for Solaris Sparc that does exactly that. (not supported by Sun,
> of course)

The trampolines generated by GCC for code like

foo()
{
    eeks()
    {
        ...
    }
    yuck(eeks);
}

or for certain Objective C constructs assume that the stack frame is
executable. Trampolines are being used in the GNU libc and its dynamic
linker, so it's a really bad idea to make the stack non-executable.

If you really want to make the stack non-executable see the documentation
for mprotect(2).

Btw, performance-wise trampolines really suck on architectures that have to
maintain their I/D-cache consistency in software like 68k or MIPS. Even
Intel from the Pentium on gets a performance hit, so better not to use them.

Ralf
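
The mprotect(2) route mentioned in the message, as an added example that is not part of the original post: it sets a stack page to read+write without PROT_EXEC and then confirms the result from the kernel's own view of the mapping. It assumes Linux with /proc mounted; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Copy the permission field ("rw-p", "rwxp", ...) of the mapping that
 * contains addr into perms. Returns 0 on success, -1 if not found. */
static int mapping_perms(const void *addr, char perms[5])
{
    FILE *f = fopen("/proc/self/maps", "r");   /* assumption: Linux procfs */
    char line[512];
    unsigned long lo, hi;
    int rc = -1;
    if (!f)
        return -1;
    while (fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 &&
            (uintptr_t)addr >= lo && (uintptr_t)addr < hi) {
            rc = 0;
            break;
        }
    }
    fclose(f);
    return rc;
}

/* 1 = mapping is executable, 0 = not executable, -1 = mapping not found. */
static int is_executable(const void *addr)
{
    char perms[5] = "";
    return mapping_perms(addr, perms) == 0 ? perms[2] == 'x' : -1;
}

/* Re-protect the stack page holding a local variable as read+write only. */
static int drop_exec_on_current_stack_page(void **page_out)
{
    char local;
    uintptr_t psz = (uintptr_t)sysconf(_SC_PAGESIZE);
    *page_out = (void *)((uintptr_t)&local & ~(psz - 1));  /* page-align down */
    return mprotect(*page_out, psz, PROT_READ | PROT_WRITE);
}

int main(void)
{
    void *page;
    int rc = drop_exec_on_current_stack_page(&page);
    printf("mprotect rc=%d, stack page executable=%d\n", rc, is_executable(page));
    return rc != 0;
}
```

A program that still relies on the GCC trampolines described above would fault when calling one through a page protected this way.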