Mailinglist Archive: opensuse (3605 mails)

< Previous Next >
[opensuse] overflow issue w/ EIP
  • From: Robert Hudock <rhudock@xxxxxxxxx>
  • Date: Thu, 08 Jun 2006 01:23:42 -0400
  • Message-id: <1149744222.7729.15.camel@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Question:

For some reason on suse 10.0 and 10.1 I cannot overflow the buffer so as
to overwrite EIP no matter what. The attached code is a very simple
example to illustrate my issue. Basically the following is what I get
when the program segfaults on SuSE 10.1.

However, the attached program produced the expected results 0x41414141
in main () on FreeBSD versions 5.3 and 6.1, on redhat 7.2

Any ideas why this is happening? What sort of security controls are in
place that prevent this from happening? Are these controls unique to
SuSE?

-----------------------------------
plato@zion:~> gdb ./overflow
GNU gdb 6.4
Copyright 2005 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "x86_64-suse-linux"...Using host libthread_db
library "/lib64/libthread_db.so.1".

(gdb) run
Starting program: /home/plato/overflow
warning: Lowest section in system-supplied DSO at 0xffffe000 is .hash at
ffffe0b4

Program received signal SIGSEGV, Segmentation fault.
0x080483ec in main () at overflow.c:6
6 }
(gdb)

------------------------------------------


Regards,

Robert Hudock
main () {
char str1[10];
strcpy (str1,
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");

}

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-help@xxxxxxxxxxxx
< Previous Next >