Mailinglist Archive: opensuse-security (394 mails)

Re: Stack Overflow Protection
  • From: Bernhard Walle <Bernhard.Walle@xxxxxx>
  • Date: Sat, 6 Dec 2003 12:33:04 +0100
  • Message-id: <20031206113304.GA2608@xxxxxxxxxxxxxxx>
On Sat, 06 Dec 2003 at 01:37 (+0100), Robert Schiele wrote:
> On Sat, Dec 06, 2003 at 01:09:51AM +0100, Bernhard Walle wrote:
> >
> > On http://lists.suse.com/archive/suse-security/2003-Dec/0051.html I read
> > that the SuSE 9.0 update kernel contains Stack Overflow Protection. I
> > tested this with a short example from an article in the German computer
> > magazine c't ("Das Sicherheitsloch", c't 23/2001, p. 216):
> >
> > #include <stdio.h>
> >
> > void function(int a, int b, int c) {
> >     char buffer1[8];
> >     char buffer2[16];
> >     int *ret;
> >
> >     /* assumes the saved return address lies 12 bytes above buffer1 */
> >     ret = (int *)(buffer1 + 12);
> >     /* advance it by 8 bytes so that "x = 1" is skipped on return */
> >     (*ret) += 8;
> > }
> >
> > void main() {
> >     int x;
> >
> >     x = 0;
> >     function(1,2,3);
> >     x = 1;
> >     printf("%d\n",x);
> > }
> >
> > On SuSE 9.0 this produces "1", which is correct; on an old machine it
> > produces "0", which is incorrect.
>
> This is completely unrelated to this kernel feature. If current SUSE does this
> "right" for you, then this is only because you are lucky and gcc does stack
> allocation in a way that this crappy C-Code does no harm (in this case). But
> this is just good luck.

OK, then I misunderstood something. I thought the Linux kernel stack
overflow protection does something similar to OpenBSD, but they
modified gcc (ProPolice), and I wondered a bit.

But: what does the Kernel Stack Protection do, and where can I read
something about this?



Regards,
Bernhard

--
_________ http://www.bwalle.de _________________________________________________
Man invented the atomic bomb, but no mouse in the world would construct a
mousetrap
-- Albert Einstein