Full Disclosure mailing list archives

Re: ShortNotes : Stack Smashing with GCC4

From: "Chris Rohlf" <chris.rohlf () gmail com>
Date: Fri, 20 Apr 2007 14:58:34 -0400

Your section:

** [ iv. call %edx ] **


Was also covered here some time ago.

http://www.milw0rm.com/papers/70

(I am only running gcc 4.0.3) In main() %edx is pointing to the start
of your environment variables, not the stack. If you were to call
another function from main() it would probably no longer point there.
So maybe this technique works for vulnerablilities in programs parsing
command line arguments in main() but its very limited in its use.

chris


-- 

http://em386.blogspot.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

ShortNotes : Stack Smashing with GCC4 xWinGs @ KJ (Apr 20)
- Re: ShortNotes : Stack Smashing with GCC4 Marcus Meissner (Apr 20)
  - Message not available
    - Re: ShortNotes : Stack Smashing with GCC4 Guasconi Vincent (Apr 20)
- <Possible follow-ups>
- Re: ShortNotes : Stack Smashing with GCC4 Chris Rohlf (Apr 20)