On Sat, Dec 06, 2003 at 01:09:51AM +0100, Bernhard Walle wrote:
On http://lists.suse.com/archive/suse-security/2003-Dec/0051.html I read that the SuSE 9.0 update kernel contains Stack Overflow Protection. I tested this with a short example from an article in the German computer magazine c't ("Das Sicherheitsloch", c't 23/2001, p. 216).
These are entirely unrelated things. What your sample code is about is a buffer overflow on the stack. The kernel feature that got enabled is just a kernel feature that prevents the kernel stack from overflowing.

(Each process uses a separate stack page when entering kernel space. This stack page is 4K in size, and if you recurse too deeply, you may need more than 4K of stack and consequently scribble over other memory located before the start of that page. The CONFIG_DEBUG_STACKOVERFLOW kernel option enables a run-time check that spits out a warning if that happens).

Olaf
--
Olaf Kirch     |  Stop wasting entropy - start using predictable
okir@suse.de   |  tempfile names today!
---------------+
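Added example, not part of the thread and not kernel code: a user-space model of a stack-depth check of the kind described in the reply above. It looks only at how much of the 4K page is left, which is why it says nothing about a buffer being overrun inside a single frame. The function names, the 512-byte margin, the 16-byte starting offset, the frame sizes and the base address are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define KSTACK_SIZE 4096u /* one 4K kernel stack page, as in the mail */
#define WARN_MARGIN 512u  /* assumed warning threshold */
#define START_SLACK 16u   /* assumed bytes already used at the top */

/* The stack grows down inside a KSTACK_SIZE-aligned page, so the offset
 * of the stack pointer within the page is the space still free below it. */
static unsigned bytes_left(uintptr_t sp)
{
    return (unsigned)(sp & (KSTACK_SIZE - 1));
}

/* The run-time check: true once free space drops below the margin. */
static int stack_low(uintptr_t sp)
{
    return bytes_left(sp) < WARN_MARGIN;
}

/* Model nested calls that each take `frame` bytes, checking after every
 * call. Returns the depth at which the check fires (or at which the next
 * frame would no longer fit in the page), or -1 if max_depth is reached. */
static int depth_at_warning(uintptr_t base, unsigned frame, int max_depth)
{
    uintptr_t sp = base + KSTACK_SIZE - START_SLACK;
    for (int depth = 1; depth <= max_depth; depth++) {
        if (sp - base < frame)
            return depth;       /* frame would land before the page start */
        sp -= frame;
        if (stack_low(sp))
            return depth;
    }
    return -1;
}

int main(void)
{
    uintptr_t base = 0x10000;   /* constructed, page-aligned address */
    printf("128-byte frames: check fires at depth %d\n",
           depth_at_warning(base, 128, 100));
    printf("64-byte frames, 10 calls: %d (no warning)\n",
           depth_at_warning(base, 64, 10));
    return 0;
}
```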