Mailinglist Archive: opensuse-security (394 mails)

Stack Overflow Protection
  • From: Bernhard Walle <bernhard.walle@xxxxxx>
  • Date: Sat, 6 Dec 2003 01:09:51 +0100
  • Message-id: <20031206000951.GB31615@xxxxxxxxxxxxxxx>
Hello,

on http://lists.suse.com/archive/suse-security/2003-Dec/0051.html I read
that the SuSE 9.0 update kernel contains Stack Overflow Protection. I
tested this with a short example from an article in the German computer
magazine c't ("Das Sicherheitsloch", c't 23/2001, p. 216):

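    #include <stdio.h>

    void function(int a, int b, int c) {
        char buffer1[8];
        char buffer2[16];
        int *ret;

        /* aim ret at the saved return address (offset depends on compiler and ABI) */
        ret = (int *)(buffer1 + 12);
        /* advance the return address by 8 bytes so that "x = 1" is skipped */
        (*ret) += 8;
    }

    int main(void) {
        int x;

        x = 0;
        function(1, 2, 3);
        x = 1;
        printf("%d\n", x);
        return 0;
    }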

On SuSE 9.0 this produces "1", which is correct; on an old machine it
produces "0", which is incorrect.

My questions are now:

1. Does this protection have any disadvantages?
2. Will it be included in future versions of the vanilla kernel?
3. Why is this a "hidden feature"? Why doesn't SuSE let the people know
that they've included this stack overflow protection?


Regards,
Bernhard
