Re: Smashing the Stack: prevention?

Alexander Snarskii (snar@CARRIER.KIEV.UA)
Mon, 28 Apr 1997 22:29:17 +0300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Joe Zbiciak: "Re: Smashing the Stack: prevention?"
Previous message: Tim Newsham: "Re: Smashing the Stack: prevention?"
Maybe in reply to: nate: "Smashing the Stack: prevention?"
Next in thread: Joe Zbiciak: "Re: Smashing the Stack: prevention?"

>
> 1. 'you gotta change the code'
> This one is obvious; people must change their SUID programs'
> source code to avoid nasty things like gets() sprintf() strcat() and
> strcpy() using things like fgets() strncat() strncpy() as substitutes.

Just one more way: replace ususal strcpy/sprintf/strcat
in libc to check stack integrity before exit, and generate
kill(SIGSEGV,getpid()) in case of violations.
That is a 'bad thing' from the performance point of view,
but not so bad (about 1% more time with stack
level 10); and that is not portable - because
stack checker must be written in assembler.

Sometimes ago i propagated such patches to FreeBSD team,
they did'nt commit it. If anyone interested:
ftp://ftp.lucky.net/pub/unix/local/libc-letter.

--
Alexandre Snarskii
the source code is included.

Next message: Joe Zbiciak: "Re: Smashing the Stack: prevention?"
Previous message: Tim Newsham: "Re: Smashing the Stack: prevention?"
Maybe in reply to: nate: "Smashing the Stack: prevention?"
Next in thread: Joe Zbiciak: "Re: Smashing the Stack: prevention?"