Bugtraq mailing list archives
Re: Stack Shield: defending from "stack smashing" attacks
From: Chris.Keane () COMLAB OX AC UK (Chris Keane)
Date: Thu, 2 Sep 1999 16:24:36 +0100
On Tue, 31 Aug 1999, "CC" = Crispin Cowan wrote:
+> So, why would one use the approach of saving the return address on +> another stack, instead of patching the stack itself, like StackGuard? +> The only reason I can imagine, is that one does not want to change the +> stack layout. The benefit of not changing the stack layout, is that +> you can do the change outside of the compiler. CC> Another major advantage is that gdb continues to work. The CC> StackGuard method fails for all programs that introspect the stack, CC> gdb being the major example. And presumably it would mean you could compile kernels with it, which also fails with StackGuard (for Linux, at least). Cheers, Chris. ------------------------------------------------------------------- ><> --- Hardware Compilation Group, Oxford University Computing Laboratory, Wolfson Building, Parks Road, Oxford, OX1 3QD, U.K. tel: +44 (1865) (2)73865 e-mail: Chris.Keane () comlab ox ac uk http://www.comlab.ox.ac.uk/oucl/users/chris.keane/
Current thread:
- Re: Stack Shield: defending from "stack smashing" attacks Tobias Haustein (Aug 31)
- <Possible follow-ups>
- Re: Stack Shield: defending from "stack smashing" attacks Crispin Cowan (Aug 31)
- Re: Stack Shield: defending from "stack smashing" attacks Tobias Haustein (Sep 01)
- Re: Stack Shield: defending from "stack smashing" attacks Valdis.Kletnieks () VT EDU (Sep 01)
- Netscape communicator 4.06J, 4.5J-4.6J, 4.61e Buffer Overflow DEF CON ZERO WINDOW (Sep 02)
- Re: Netscape communicator 4.06J, 4.5J-4.6J, 4.61e Buffer Overflow Brett Glass (Sep 03)
- Netscape 4.x exploit code DEF CON ZERO WINDOW (Sep 02)
- Re: Stack Shield: defending from "stack smashing" attacks Chris Keane (Sep 02)
- Re: Stack Shield: defending from "stack smashing" attacks Crispin Cowan (Sep 04)