Vulnerability Development mailing list archives

RE: looking for recursion stack overflow exploit

From: Michael Wojcik <Michael.Wojcik () microfocus com>
Date: Mon, 25 Nov 2002 08:03:22 -0800

From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu]
Sent: Friday, November 22, 2002 9:35 AM

On the other hand, the Unix libc usually contains the qsort() and ftw()
routines, which might be interesting.


qsort() is sometimes implemented iteratively rather than recursively.  (For
that matter, it can be implemented with any sorting algorithm that preserves
the semantics in the standard - it needn't be Quicksort.)  Hoare, in his
Turing Award speech, said that his original Quicksort design (it's not clear
he ever implemented it this way) was iterative, not recursive.  Since
qsort() uses a size_t for the number of elements, and the implementation
decides how large a size_t is, the implementation also knows how deep the
qsort() stack can get (log-2 of the maximum value of a size_t, if memory
serves), so it can use a manual fixed-size stack and iterate.

Regardless of qsort() implementation, though, I agree that recursion
overflow doesn't look like a very promising area for vulnerability research.

Michael Wojcik
Principal Software Systems Developer, Micro Focus

Current thread:

looking for recursion stack overflow exploit bukys (Nov 22)
- Re: looking for recursion stack overflow exploit Valdis . Kletnieks (Nov 23)
- Re: looking for recursion stack overflow exploit Sebastian Krahmer (Nov 24)
- Re: looking for recursion stack overflow exploit Liudvikas Bukys (Nov 25)
- <Possible follow-ups>
- Re: looking for recursion stack overflow exploit Silvio Cesare (Nov 25)
- RE: looking for recursion stack overflow exploit Michael Wojcik (Nov 25)