
This isn't fixed until the compilers are

Posted Jul 2, 2017 0:57 UTC (Sun) by areilly (subscriber, #87829)
In reply to: This isn't fixed until the compilers are by ebiederm
Parent article: Ripples from Stack Clash

Yes, this is not really an OS issue, although I don't really understand how OSes on 64-bit systems can't help by arranging for swapping death to occur long before the "clash."

This is an application security bug issue, just like every other form of security violation via type violation bug. Everyone has written a program that crashes (eventually) by doing infinite recursion. It's not difficult or clever, it's coding an algorithm bug.

All of the examples in the original Stack Clash report aren't system bugs, they're user-input validation bugs in software that has security implications, and -duh- appropriately unexpected input can tickle a bug that has bad results.

The contiguously-allocated stack is just a convenient data structure that's used for the very good reason that it's efficient. It is just a data structure that's used. Use can include misuse. Some languages and systems trade this efficiency for other structures and other trade-offs: some allocate stack-frames on the heap as a traditional linked structure, because that supports a very large number of threads in a small address space, at the cost of more expensive allocation.

The way this issue is being discussed makes it sound as though Red Hat or Linus or the FreeBSD foundation are responsible for input-validation bugs in Exim. That's simply not the case.


to post comments

This isn't fixed until the compilers are

Posted Jul 3, 2017 7:29 UTC (Mon) by dlang (guest, #313) (2 responses)

You can never count on the compilers 'fixing' a problem like this.

If there is a way to crash/corrupt your machine from a sequence of instructions, attackers will use asm() to insert those specific instructions; the fact that the rest of your machine was compiled with a compiler that does something to avoid this bug isn't going to help you.

This isn't fixed until the compilers are

Posted Jul 3, 2017 8:06 UTC (Mon) by Jandar (subscriber, #85683)

If an attacker can write the executed code with asm(), he/she is already past the defense this fix should create.

This isn't fixed until the compilers are

Posted Jul 4, 2017 3:15 UTC (Tue) by Aaron1011 (guest, #115128)

> If there is a way to crash/corrupt your machine from a sequence of instructions, attackers will use asm() to insert those specific instructions

Stack Clash isn't a vulnerability in the kernel - it's a vulnerability that allows an attacker to gain control over a process that they wouldn't normally be able to (e.g. an sgid/suid'd program like 'sudo'). The kernel change simply makes it less likely for this kind of vulnerability to be exploited (though stack probing is needed to truly fix the issue).
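The stack probing mentioned in the comment above, shown as an added illustration that is not part of the thread: a frame larger than the guard region is touched one page at a time, from the end nearest the existing stack downward, so the guard page is always hit rather than stepped over. The function name, the fixed 4096-byte page size and the variable-length-array stand-in for a compiler-generated frame are assumptions for the example; GCC's `-fstack-clash-protection` emits the equivalent probes for you.

```c
#include <stddef.h>

#define PAGE_SIZE 4096u  /* assumed page size for the illustration */

/* Added example, not code from the LWN thread. A large frame that is
 * entered without probing could move the stack pointer past the guard
 * page in one step, so the first write lands in whatever mapping lies
 * below it. A probing compiler instead touches each page of the new
 * frame, highest address first, so the guard page faults (SIGSEGV)
 * before any byte beyond it is written. This hand-written version does
 * the same for a variable-length array and returns the probe count. */
size_t probe_frame(size_t frame_bytes)
{
    volatile unsigned char buf[frame_bytes];  /* stands in for the big frame */
    size_t probes = 0;

    /* Walk from the top of the frame (nearest the caller's frame) toward
     * the lowest byte, one page apart; the final probe is buf[0]. */
    for (size_t off = frame_bytes; off > 0; ) {
        off = (off > PAGE_SIZE) ? off - PAGE_SIZE : 0;
        buf[off] = 0;
        probes++;
    }
    return probes;
}

/* Pages a frame spans, rounded up: the number of probes a correct
 * probing sequence must issue for that frame. */
size_t probes_needed(size_t frame_bytes)
{
    return (frame_bytes + PAGE_SIZE - 1) / PAGE_SIZE;
}
```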


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds