Re: Stack overflows.

Dan Merillat (Dan@merillat.org)
Fri, 20 Dec 1996 01:36:24 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Oskar Pearson: "NT vulnerable to attack on CPU"
Previous message: James Riordan: "Re: Allowing users to set set[ug]id bits"
In reply to: Systemkennung Linux: "Re: Stack overflows."
Next in thread: Alan Cox: "Re: IP forwarding broken in 2.1.16 ?"
Reply: Alan Cox: "Re: IP forwarding broken in 2.1.16 ?"

On Thu, 19 Dec 1996, Systemkennung Linux wrote:

> Date: Thu, 19 Dec 1996 12:55:36 +0100 (MET)
> From: Systemkennung Linux <linux@mailhost.uni-koblenz.de>
> To: Dan Merillat <Dan@merillat.org>
> Cc: linux-kernel@vger.rutgers.edu
> Subject: Re: Stack overflows.
>
>
> > With all the interest in buffer overflows lately, I was wondering if intel
> > MM allows you to make the stack frame non-executable? I think someone made
> > a patch for Solaris Sparc that does exactally that. (non supported by Sun,
> > of course)
>
> The trampolines generated by GCC for code like
>
> foo()
> {
> eeks()
> {
> ...
> }
> yuck(eeks);
> }
>
> or for certain objective C constructs assume that the stack frame is
> executable. Trampolines are being used in the GNU libc and it's dynamic
> linker, so it's a really bad idea to make the stack non-executable.
>
> If you really want to make the stack non-executable see the documentation
> for mprotect(2).

Thanks... I figured something relied on being able to execute the stack.
That's really unfortunate. Oh well, I guess it's just as easy to
"grep strcpy *.c" ;-)

--Dan

Next message: Oskar Pearson: "NT vulnerable to attack on CPU"
Previous message: James Riordan: "Re: Allowing users to set set[ug]id bits"
In reply to: Systemkennung Linux: "Re: Stack overflows."
Next in thread: Alan Cox: "Re: IP forwarding broken in 2.1.16 ?"
Reply: Alan Cox: "Re: IP forwarding broken in 2.1.16 ?"