This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

Re: machine independent protection from stack-smashing attack

To: RDBrown at mira dot net, RodneyBrown at mynd dot com
Subject: Re: machine independent protection from stack-smashing attack
From: Richard Henderson <rth at cygnus dot com>
Date: Thu, 10 Aug 2000 17:08:14 -0700
Cc: etoh at jp dot ibm dot com, gcc at gcc dot gnu dot org
References: <200008101438.AAA00313@iji.local>

On Fri, Aug 11, 2000 at 12:38:37AM +1000, Rodney Brown wrote:
> I've been surprised at the lack of response to this. Architecture
> independant stack-smashing protection that doesn't compromise the
> ABI would be a GREAT enhancement to have.

I suppose it would be marginally useful.

It seems to me that you'd actually need bits like Greg McGary's bounded
pointer code to ensure correctness; anything less than that leaves holes
that could still be exploited.

r~

References:
- Re: machine independent protection from stack-smashing attack
  - From: Rodney Brown

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]