Date: Thu, 13 Feb 1997 17:07:25 -0700 (MST)
From: Charles Mott <cmott@srv.net>
To: Robin Melville <robmel@innotts.co.uk>
Cc: freebsd-chat@freebsd.org
Subject: Re: Trying to understand stack overflow
Message-ID: <Pine.BSF.3.91.970213164857.6467B-100000@darkstar>
In-Reply-To: <l03010d00af295576131e@[194.176.130.51]>
> >If it does, then it would be interesting to have a version of gcc which
> >adds some "noise" as to where exactly in the stack an automatic variable
> >is located.
>
> Yes, I wondered about this too. I don't believe the actual location of
> an auto makes any difference, because the desired effect is to overwrite
> the return address.

How does control flow fall through to the overflow part of the stack?
If an absolute return address is given, I don't see how this can be
done. There is something about the stack mechanism I need to
understand.

> >Would it also be possible to have separate data and control flow
> >stacks?
>
> Yes, that would also make more sense.

Any advice here on how to do this would be appreciated. If there is a
conceptual reason it won't work -- no spare registers, or possibly
interference with custom assembler code -- I would appreciate knowing.
I just need to find a lousy x386 reference (either online or printed).

Charles Mott
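As an added example, not part of this thread, one way to realize the "separate data and control flow stacks" idea in software: a shadow stack that records each return address on function entry and compares it on exit, so a corrupted return slot on the data stack is detected before the function returns. Names such as `shadow_push` and `copy_with_shadow` are my own; the code assumes GCC/Clang's `__builtin_return_address` and is illustrative hand instrumentation, not what a compiler would emit.

```c
#include <stdio.h>
#include <string.h>

/* Assumed design: a control-flow stack holding only return addresses,
   kept apart from the data stack where automatic variables (buffers) live.
   Helper names are hypothetical. */
#define SHADOW_MAX 64
static void *shadow_stack[SHADOW_MAX];
static int shadow_top = 0;

/* Save the caller's return address on function entry. */
static void shadow_push(void *ret)
{
    if (shadow_top < SHADOW_MAX)
        shadow_stack[shadow_top++] = ret;
}

/* On exit, compare the return address now on the data stack against
   the saved copy: 1 = match, 0 = mismatch (or nothing saved). */
static int shadow_pop_check(void *ret)
{
    if (shadow_top == 0)
        return 0;
    return shadow_stack[--shadow_top] == ret;
}

/* The prologue/epilogue instrumentation a compiler would insert. */
#define SHADOW_ENTER() shadow_push(__builtin_return_address(0))
#define SHADOW_LEAVE() shadow_pop_check(__builtin_return_address(0))

/* A function with an automatic buffer, instrumented by hand. Returns the
   number of bytes copied, or -1 if the return address on the data stack
   no longer matches the shadow copy. noinline keeps its own frame. */
__attribute__((noinline))
int copy_with_shadow(const char *src)
{
    char buf[16];
    SHADOW_ENTER();
    size_t n = strlen(src) < sizeof buf - 1 ? strlen(src) : sizeof buf - 1;
    memcpy(buf, src, n);            /* bounded copy; buf stays intact */
    buf[n] = '\0';
    return SHADOW_LEAVE() ? (int)n : -1;
}

int shadow_depth(void) { return shadow_top; }

int main(void)
{
    printf("copied %d bytes, depth %d\n", copy_with_shadow("hello, world"), shadow_depth());
    shadow_push((void *)0x1234);    /* constructed mismatch: saved vs. current differ */
    printf("tampered slot detected: %d\n", shadow_pop_check((void *)0x5678) == 0);
    return 0;
}
```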