Firewall Wizards mailing list archives

Re: Obtuse smtpd

From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Wed, 8 Jul 1998 10:51:19 -0400 (EDT)

PROBLEM!

...

How do you detect one type of stack overwrite but not the other?  [I
guess I'll go read the Web page, too.]  If you protect only the stack
frame info, that takes a lot of registers - one set for each stack
frame, with no defined maximum.  If you protect the whole stack, you
can't use data on it as read-write data.


I went and read it.

Apparently, they only protect the return address in the most recent
stack frame.  This still allows for problems ... especially if I
overrun a buffer that was passed as an argument, or is otherwise
available from a previous stack frame.

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO Computer Support                                          EMT-A/B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

Current thread:

RE: Obtuse smtpd Craig Woods (Jul 01)
- <Possible follow-ups>
- RE: Obtuse smtpd Craig Woods (Jul 02)
  - StackGuard Crispin Cowan (Jul 07)
  - Re: Obtuse smtpd Joseph S. D. Yao (Jul 07)
    - Re: Obtuse smtpd Joseph S. D. Yao (Jul 08)
    - Re: Obtuse smtpd Crispin Cowan (Jul 12)
- Re: obtuse smtpd John Lines (Jul 02)
  - Re: obtuse smtpd Joseph S. D. Yao (Jul 07)