This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.



Re: Changing storage allocation for C


On Wed, Jul 03, 2002 at 06:38:38PM +0100, Ranjit Singh wrote:
> So long as we do not allow addressable variables in the conventional stack,
> it would appear much harder to overwrite a function pointer. (Stack smashing
> attacks typically overwrite the return fn pointer on the stack.)

Please search linux-kernel mailing list archives for Solar Designer's
ELF PLT smashing tricks.  Multiple stack tricks don't help that case.
The *only* way to prevent these kinds of problems is to actually fix
the bugs.  You absolutely must make sure there are no buffer overruns
whatsoever, on the stack or off.

The way to do this is to provide tools to make it easier to detect such
errors, assuming credible testing.  One such way to do this is valgrind.
Another is to complete some form of Greg McGary's bounds-checking pointer
implementation.  As it happens, there is some effort for the latter going
on inside Red Hat.  It's early yet, but if there were sufficient external
interest, I'd imagine that the development could be migrated.


r~
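
An added illustration of the message's point, not code from the post, from GCC, or from Greg McGary's implementation: the function pointer below lives in static storage, so stack layout does nothing for it, and a pointer that carries its own bounds rejects the overrunning copy. The names `bounded_ptr`, `bp_copy`, `set_name`, `callback_intact` and the sample inputs are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fat pointer: a position plus the bounds of its object. */
typedef struct { char *ptr, *base, *end; } bounded_ptr;

/* Off-stack object: a buffer directly followed by a function pointer. */
struct handler { char name[16]; int (*callback)(void); };

static int default_callback(void) { return 42; }
static struct handler g_handler = { "", default_callback };

/* Constructed sample input, longer than the 16-byte name field. */
#define LONG_INPUT "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"

/* Checked copy: refuses any write that would leave [base, end).
   Returns 0 on success, -1 on a bounds violation. */
static int bp_copy(bounded_ptr dst, const char *src, size_t n) {
    if (dst.ptr < dst.base || dst.ptr > dst.end) return -1;
    if (n > (size_t)(dst.end - dst.ptr)) return -1;
    memcpy(dst.ptr, src, n);
    return 0;
}

/* Store a name; the bounds cover only the name field, not the struct. */
int set_name(const char *src, size_t n) {
    bounded_ptr dst = { g_handler.name, g_handler.name,
                        g_handler.name + sizeof g_handler.name };
    return bp_copy(dst, src, n);
}

/* True while the adjacent function pointer still holds its original value. */
int callback_intact(void) {
    return g_handler.callback == default_callback && g_handler.callback() == 42;
}

int main(void) {
    printf("fits:     %d\n", set_name("eth0", sizeof "eth0"));
    printf("overrun:  %d\n", set_name(LONG_INPUT, sizeof LONG_INPUT));
    printf("callback intact: %d\n", callback_intact());
    return 0;
}
```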

