LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Security-improving technologies which could be deployed now

Security-improving technologies which could be deployed now

Posted Jul 4, 2006 23:14 UTC (Tue) by bluefoxicy (guest, #25366)
In reply to: Security-improving technologies which could be deployed now by iabervon
Parent article: Security-improving technologies which could be deployed now

So after a couple years I finally figured this one out. The stack grows up, that's fine; when strcpy() or friends are called, your buffer overflows into strcpy()'s stack frame, and then strcpy() returns to your attack code.

In other words, stack-grows-up architectures aren't any more resistant to buffer overflows (ok so if they overflow in the same function, i.e. via a for loop, then they're safe; this is almost never what happens).

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds