Vulnerability Development mailing list archives
Re: "Moving" Stack: my poor return address!
From: Alexander Klimov <alserkli () inbox ru>
Date: Wed, 2 Aug 2006 12:14:07 +0300 (IDT)
On Mon, 31 Jul 2006, Jack C wrote:
I'm running on Fedora 5. Is this a security thing that's new in the past 2 years or so since I've coded one of these?
Yes, many distributions now use by default address space randomization.
Is there any way I can either (1) make the stack sit still so I can point into it
<http://gcc.gnu.org/wiki/Randomization>: To disable randomization for a shell session: setarch $(uname -p) -RL bash To disable randomization for the whole system, add this to /etc/sysctl.conf: kernel.randomize_va_space = 0 After that, run 'sysctl -p' as root to update the kernel without rebooting.
or (2) find out where it is during execution?
Just printf address of some local variable (they are allocated in stack). -- Regards, ASK
Current thread:
- "Moving" Stack: my poor return address! Jack C (Aug 01)
- Re: "Moving" Stack: my poor return address! Andrea Purificato - bunker (Aug 02)
- Re: "Moving" Stack: my poor return address! Alexander Klimov (Aug 02)
- Re: "Moving" Stack: my poor return address! Steve Bonds (Aug 02)
- Re: "Moving" Stack: my poor return address! Jon Erickson (Aug 02)
- <Possible follow-ups>
- Re: "Moving" Stack: my poor return address! list-recv (Aug 02)
- RE: "Moving" Stack: my poor return address! salexander (Aug 02)
- Re: "Moving" Stack: my poor return address! Javor Ninov (Aug 29)