This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: Changing storage allocation for C
- From: Richard Henderson <rth at redhat dot com>
- To: Ranjit Singh <ranjit at sukhisoft dot com>
- Cc: gcc at gcc dot gnu dot org
- Date: Wed, 3 Jul 2002 16:30:36 -0700
- Subject: Re: Changing storage allocation for C
- References: <00e301c222b8$794b4ca0$18149fd4@zelda>
On Wed, Jul 03, 2002 at 06:38:38PM +0100, Ranjit Singh wrote:
> So long as we do not allow addressable variables in the conventional stack,
> it would appear much harder to overwrite a function pointer. (Stack smashing
> attacks typically overwrite the return fn pointer on the stack.)

Please search linux-kernel mailing list archives for Solar Designer's
ELF PLT smashing tricks. Multiple stack tricks don't help that case.

The *only* way to prevent these kinds of problems is to actually fix
the bugs. You absolutely must make sure there are no buffer overruns
whatsoever, on the stack or off.

The way to do this is to provide tools to make it easier to detect such
errors, assuming credible testing. One such way to do this is valgrind.
Another is to complete some form of Greg McGary's bounds-checking pointer
implementation. As it happens, there is some effort for the latter going
on inside Red Hat. It's early yet, but if there were sufficient external
interest, I'd imagine that the development could be migrated.

r~
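
The reply's point that overruns matter "on the stack or off" can be shown with a buffer in static storage that sits next to a function pointer, guarded by a pointer that carries its own bounds. This is an added example, not code from the message, from GCC, or from Greg McGary's implementation; `struct bptr`, `slot`, `store_name_at` and `handler_intact` are hypothetical names, and the value/base/extent layout is only a sketch of the general bounded-pointer idea.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Fat pointer: the address plus the bounds of the object it was derived from. */
struct bptr { char *value, *base, *extent; };   /* extent = one past the end */

/* Constructed sample object in static storage, not on any stack:
   a buffer directly followed by a function pointer. */
static int default_handler(void) { return 1; }
static struct { char name[16]; int (*handler)(void); } slot = { "", default_handler };

static struct bptr bptr_make(void *obj, size_t size)
{
    struct bptr p = { obj, obj, (char *)obj + size };
    return p;
}

/* Pointer arithmetic carries the bounds along; leaving them poisons the pointer. */
static struct bptr bptr_add(struct bptr p, size_t off)
{
    if (p.value == NULL || off > (size_t)(p.extent - p.value))
        p.value = NULL;
    else
        p.value += off;
    return p;
}

/* Checked store: 0 on success, -1 if any byte would land outside the object. */
static int bptr_copy_in(struct bptr dst, const char *src, size_t n)
{
    if (dst.value == NULL || n > (size_t)(dst.extent - dst.value))
        return -1;
    memcpy(dst.value, src, n);
    return 0;
}

/* Hypothetical caller: write n bytes into slot.name starting at offset off. */
int store_name_at(size_t off, const char *src, size_t n)
{
    return bptr_copy_in(bptr_add(bptr_make(slot.name, sizeof slot.name), off), src, n);
}

/* Reports whether the neighbouring function pointer is still the original. */
int handler_intact(void) { return slot.handler == default_handler; }

int main(void)
{
    printf("in-bounds store:  %d\n", store_name_at(0, "short", 6));
    printf("overlong store:   %d\n", store_name_at(12, "abcdefgh", 8));
    printf("handler intact:   %d\n", handler_intact());
    return 0;
}
```

The check works the same wherever the buffer lives, which is why it covers cases that relocating stack variables does not.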