Date: Sun, 19 Jul 1998 19:40:38 -0600
From: Brett Glass <brett@lariat.org>
To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
Cc: dg@root.com, security@FreeBSD.ORG
Subject: Re: The 99,999-bug question: Why can you execute from the stack?
Message-ID: <199807200140.TAA06705@lariat.lariat.org>
In-Reply-To: <7757.900897422@time.cdrom.com>
References: <Your message of "Sun, 19 Jul 1998 16:28:00 MDT." <199807192228.QAA03712@lariat.lariat.org>

At 06:17 PM 7/19/98 -0700, Jordan K. Hubbard wrote:

>If you can make it all work and want to hack up a proof of concept, go
>for it. Right now, however, I think you're letting annoyance get the
>better part of intelligence.

I make no bones about the fact that I'm annoyed; that buffer overflow exploit will cost me between a week and a month of tedious work.

The fact that the problem has been fixed in Linux and Solaris is a good proof of concept. Again, the problem is simply one of where to put a "thunk." In general, putting it on the CPU stack is a bad idea, and the problem is starting to bite all of us. It'll only get worse, especially so long as we use C; the language is so prone to array overruns and buffer overflow exploits.

>More importantly, making suggestions which are almost worded like
>demands when it is very clear that you do _not_ understand the subject
>in question is only a good way of antagonizing people.

As a seasoned assembly language programmer, I understand the subjects of memory allocation and "thunking" quite well. I don't think anyone should feel antagonized when I emphasize the importance of fixing this problem -- especially after the extensive personal cost it has had, and will have, for me.

--Brett Glass

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message