Re: SMASHING THE STACK: PREVENTION?

Thomas H. Ptacek (tqbf@enteract.com)
Tue, 29 Apr 1997 06:58:53 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Thomas H. Ptacek: "Re: Smashing the Stack: prevention?"
Previous message: J.R.Valverde: "Re: Smashing the Stack: prevention?"
Maybe in reply to: massimo at vnet.ibm.com: "SMASHING THE STACK: PREVENTION?"

> What about a sort of "execXXX-wrapper"? Instead of patching the kernel,
> I wonder whether it make sense to patch the C library (libc.a). In each
> routine of the exec family (execvp, execl, execve...) one could add something
> like:

This doesn't do anything to prevent stack overruns. A conventional stack
overrun exploit doesn't use the C library system call interface; it
duplicates it entirely in assembler.

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"If you're so special, why aren't you dead?"

Next message: Thomas H. Ptacek: "Re: Smashing the Stack: prevention?"
Previous message: J.R.Valverde: "Re: Smashing the Stack: prevention?"
Maybe in reply to: massimo at vnet.ibm.com: "SMASHING THE STACK: PREVENTION?"