Bugtraq mailing list archives

Re: SMASHING THE STACK: PREVENTION?

From: tqbf () ENTERACT COM (Thomas H. Ptacek)
Date: Tue, 29 Apr 1997 06:58:53 -0500

What about a sort of "execXXX-wrapper"? Instead of patching the kernel,
I wonder whether it make sense to patch the C library (libc.a). In each
routine of the exec family (execvp, execl, execve...) one could add something
like:


This doesn't do anything to prevent stack overruns. A conventional stack
overrun exploit doesn't use the C library system call interface; it
duplicates it entirely in assembler.

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf () enteract com]
----------------
"If you're so special, why aren't you dead?"

Current thread:

Re: Smashing the Stack: prevention?, (continued)
- - Re: Smashing the Stack: prevention? Russell Coker (Apr 28)
  - Possibly exploitable buffer overflow in Solaris 2.5.1 ps Joe Zbiciak (Apr 28)
    - Re: Possibly exploitable buffer overflow in Solaris 2.5.1 ps Geoffrey KEATING (Apr 29)
    - Digital UNIX/Irix mesg problem Tom Leffingwell (Apr 29)
    - Re: Digital UNIX/Irix mesg problem John Sheehy (Apr 29)
    - Access control on W3C httpd server Peter Lord (Apr 30)
    - vulnerabilities in kerberos David Sacerdote (Apr 29)
    - Sun Security Bulletin #00139 Sun Security Coordination Team (Apr 29)
  - SMASHING THE STACK: PREVENTION? massimo at vnet.ibm.com (Apr 28)
    - Re: SMASHING THE STACK: PREVENTION? Alex Belits (Apr 28)
    - Re: SMASHING THE STACK: PREVENTION? Thomas H. Ptacek (Apr 29)
- Re: Smashing the Stack: prevention? Tim Newsham (Apr 27)
- Re: Smashing the Stack: prevention? Joe Zbiciak (Apr 28)
- Re: Smashing the Stack: prevention? Daniel Ryde (Apr 28)
- xlock clarification.... David Hedley (Apr 28)
- Re: Smashing the Stack: prevention? Steve Coleman - SEWP (Apr 28)
- Re: Smashing the Stack: prevention? Alexander Snarskii (Apr 28)
- Re: Smashing the Stack: prevention? Michael Shields (Apr 28)
  - Re: Smashing the Stack: prevention? Theo de Raadt (Apr 28)
- Re: Smashing the Stack: prevention? Shawn Instenes (Apr 29)
- Re: Smashing the Stack: prevention? J.R.Valverde (Apr 28)

(Thread continues...)