Vulnerability Development mailing list archives
Re: BitchX /ignore bug
From: bjk4 () PO CWRU EDU (Benjamin Karas)
Date: Wed, 5 Jul 2000 10:45:22 -0400
On Tue, 4 Jul 2000, Stephen J. Friedl wrote:
Except on the most unbelivably bizarre platforms, these parameters are generally passed on the stack in the usual order for that architecture. On the Intel machines, for instance, they params are push right to left and the stack grows down. Other architectures can and do either of these differently.
I just wanted to point out that the PowerPC is one of the unbelievably bizarre platforms -- it passes parameters in registers. I've also seen some pretty strange stuff on OpenBSD with parameter passing. For those who are curious, exploiting a PowerPC program can be a bit more difficult than an x86 program. First, PPC code is optimized such that frames are 32 *byte* aligned. I've been told this is becuase of how the PPC cache works. Furthermore, strings and stuff are 4 byte aligned. This all means that there are often unused bytes on the stack. This means strings might not be adjacent on the stack, which eliminates the attacks described in Phrack 56, article 0x0e. Another difficulty is that a lot of opcodes in PPC assembly contain zeros in them (each is 4 bytes long). I just wanted to point these things out. Running a server on PPC hardware might be slightly more secure than Intel simply from an obscurity standpoint. -Ben Karas
Current thread:
- Re: BitchX /ignore bug Stephen J. Friedl (Jul 04)
- Re: BitchX /ignore bug Stephen J. Friedl (Jul 05)
- Re: BitchX /ignore bug Benjamin Karas (Jul 05)
- Re: BitchX /ignore bug Daniel Jacobowitz (Jul 05)
- <Possible follow-ups>
- Re: BitchX /ignore bug Thomas Dullien (Jul 05)
- Re: BitchX /ignore bug Ron DuFresne (Jul 06)
- Re: BitchX /ignore bug Keith Simonsen (Jul 06)
- Re: BitchX /ignore bug Steve Mosher (Jul 06)
- Re: BitchX /ignore bug Joe User (Jul 06)
- Re: BitchX /ignore bug Security Mail Acct. (Jul 06)
- wwwboard my help reveal user name and password Julian Linton (Jul 07)
- Re: wwwboard my help reveal user name and password Shelagh Pepper (Jul 07)
- Re: wwwboard my help reveal user name and password Shadowboxer (Jul 07)
- Re: BitchX /ignore bug Ron DuFresne (Jul 06)