Vulnerability Development mailing list archives

Re: Changes in Aleph1 Smashing the Stack...


From: Alexander Klimov <alserkli () inbox ru>
Date: Mon, 29 Nov 2004 12:57:50 +0200 (IST)

On Fri, 26 Nov 2004, Florencio Cano wrote:
I'm studying how buffer overflows work. While reading the famous article
by Aleph1, Smashing the Stack for Fun and Profit, I have had some problems.
I think my problems are caused by changes in new versions of gcc, so
where can I find information about how changes in new versions of gcc
affect the stack when a function is called, or how new versions affect
the programming of bofs?

The ultimate source of such information is the source code itself. Well, I do not
propose to read gcc's source code :-) but rather to use gcc -S to generate the
assembler code of the exploited program; alternatively you can use disassembler
facilities to examine the binary file (gdb's disass or objdump's -d).

You should also check different issues: probably your OS has a non-executable
stack, or gcc is patched to generate overflow checks.

-- 
Regards,
ASK
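One way to run the two checks this reply recommends (a non-executable stack and gcc-generated overflow checks) against a compiled binary, as an added example that is not part of the original thread. It parses `readelf -lW` and `objdump -d` output; the sample outputs below are constructed x86-64 excerpts, and the function names are my own.

```python
"""Detect a non-executable stack and gcc stack-protector canaries from
binutils output, so a reader can see why a textbook overflow fails."""
import re
import subprocess
from typing import Optional

# Constructed sample in the layout of `readelf -lW ./a.out` for a binary
# whose stack is mapped RW only (no E flag on the GNU_STACK header).
SAMPLE_READELF_NX = """\
Program Headers:
  Type      Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
  LOAD      0x000000 0x0000000000400000 0x0000000000400000 0x000688 0x000688 R E 0x1000
  GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10
"""
# Constructed sample for the same binary linked with `-z execstack`.
SAMPLE_READELF_EXEC = SAMPLE_READELF_NX.replace("RW  0x10", "RWE 0x10")

# Constructed `objdump -d` excerpt of a function built with -fstack-protector:
# the canary is read from %fs:0x28, compared before return, and a mismatch
# jumps into __stack_chk_fail instead of returning over the smashed frame.
SAMPLE_OBJDUMP_PROTECTED = """\
0000000000401136 <vuln>:
  401136:  55                            push   %rbp
  40113a:  64 48 8b 04 25 28 00 00 00    mov    %fs:0x28,%rax
  401160:  64 48 2b 04 25 28 00 00 00    sub    %fs:0x28,%rax
  401169:  74 05                         je     401170 <vuln+0x3a>
  40116b:  e8 c0 fe ff ff                call   401030 <__stack_chk_fail@plt>
  401170:  c9                            leave
  401171:  c3                            ret
"""
SAMPLE_OBJDUMP_UNPROTECTED = """\
0000000000401136 <vuln>:
  401136:  55                            push   %rbp
  401137:  48 89 e5                      mov    %rsp,%rbp
  40114a:  c9                            leave
  40114b:  c3                            ret
"""

CANARY_CALL_RE = re.compile(r"call\s+\S+\s+<__stack_chk_fail(?:@plt)?>")

def stack_is_executable(readelf_output: str) -> Optional[bool]:
    """True if GNU_STACK carries the E flag, False if it is present without it,
    None if the header is absent (on x86 Linux the kernel has historically
    treated a missing GNU_STACK as an executable stack)."""
    for line in readelf_output.splitlines():
        fields = line.split()
        if fields and fields[0] == "GNU_STACK":
            # fields: type, offset, vaddr, paddr, filesz, memsz, flags..., align
            return "E" in "".join(fields[6:-1])
    return None

def uses_stack_protector(objdump_output: str) -> bool:
    """True if any instruction calls __stack_chk_fail, the failure path
    gcc emits after the canary compare under -fstack-protector."""
    return bool(CANARY_CALL_RE.search(objdump_output))

def inspect_binary(path: str) -> dict:
    """Run the real tools on a file (needs binutils on PATH)."""
    run = lambda *cmd: subprocess.run(cmd, capture_output=True, text=True, check=True).stdout
    return {"executable_stack": stack_is_executable(run("readelf", "-lW", path)),
            "stack_protector": uses_stack_protector(run("objdump", "-d", path))}
```

If either check comes back True/False the wrong way for what the article assumes (executable stack, no canary), that, rather than gcc's frame layout, is usually why the classic example does not behave as described.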

