RE: Smashing the Stack?

["Eric Thomas" <eric () psteering com>]

I went through this same mystery a few months ago.  Apparently GCC pads
the generated assembly for better memory alignment, which makes certain
operations faster.  

> -----Original Message-----
> From: Jeremy Junginger [mailto:jjunginger () interactcommerce com] 
> Sent: Wednesday, July 17, 2002 11:47 AM
> To: vuln-dev () securityfocus com
> Subject: Smashing the Stack?
>
>
> In "Smashing the Stack for Fun and Profit" by Aleph One, 
> There is a nice
> example program called example1.c.  It looks like this:
>
> void function(int a, int b, int c) {
>       char buffer1[5];
>       char buffer2[10];
>
> void main() {
>       function(1,2,3);
> }
>
> Then, we go through how to generate assembley code output, how the
> values are pushed onto the stack in reverse order, then the function
> call, then moves the Frame Pointer onto the stack and copies 
> the current
> Stack Pointer into EBP.  That part is groovy.  Then when we 
> look at the
> function, in the example, he discusses how memory buffers are 
> allocated
> in "word" (4 byte) increments.   That makes sense; however, when I
> generate the assembly code with the exact same code, I see that it is
> subtracting 40 rather than the expected 20
> (bufger1(5bytes=2words=8bytes+10bytes=3words=12bytes).  This 
> part looks
> crucial to understanding the rest of the concepts in the paper, so I'm
> hesitant to continue without understanding this descrepancy.  
> Any input
> would be very much appreciated.