Full Disclosure mailing list archives
Re: Exploiting buffer overflows via protected GCC
From: Marcus Meissner <meissner () suse de>
Date: Mon, 16 Feb 2009 15:06:21 +0100
On Mon, Feb 16, 2009 at 09:00:33AM -0500, ArcSighter Elite wrote:
James Matthews wrote:I would recommend doing the following things. 1. Ask on the Ubuntu GCC list what protection is implemented. (Or just look at the source) 2. Use GCC to see where the execution is being redirected and so you can have a better visual of whats going on. 3. Are you sure the stack is executable?
_fortify_fail is caused by the light weight buffer overflow checking, enabled by the -D_FORTIFY_SOURCE=2 compile time flag. Ciao, Marcus _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Exploiting buffer overflows via protected GCC Jason Starks (Feb 13)
- Re: Exploiting buffer overflows via protected GCC Valdis . Kletnieks (Feb 13)
- Re: Exploiting buffer overflows via protected GCC ArcSighter Elite (Feb 13)
- Re: Exploiting buffer overflows via protected GCC Jubei Trippataka (Feb 16)
- Re: Exploiting buffer overflows via protected GCC Valdis . Kletnieks (Feb 17)
- Message not available
- Re: Exploiting buffer overflows via protected GCC James Matthews (Feb 14)
- Re: Exploiting buffer overflows via protected GCC ArcSighter Elite (Feb 16)
- Re: Exploiting buffer overflows via protected GCC Marcus Meissner (Feb 16)
- Re: Exploiting buffer overflows via protected GCC James Matthews (Feb 14)
- Re: Exploiting buffer overflows via protected GCC Valdis . Kletnieks (Feb 13)