Re: rawhide report: 20050710 changes
- From: Arjan van de Ven <arjanv redhat com>
- To: Brian Gerst <bgerst didntduck org>
- Cc: For testers of Fedora Core development releases <fedora-test-list redhat com>
- Subject: Re: rawhide report: 20050710 changes
- Date: Sun, 10 Jul 2005 15:58:21 +0200
On Sun, Jul 10, 2005 at 09:52:12AM -0400, Brian Gerst wrote:
>
> What exactly does it do?
it's a port to gcc4 of the "propolice" stuff;
it does 2 things
1) it sorts the variables on the stack with the goal of putting no critical
non-buffer variables after the buffer, so that overflows have less stuff
to scribble over.
2) It puts a canary on the stack (in some conditions), so that overwrites of
the function return address caused by buffer overflows need to also
overwrite the canary, which is then detected before the actual return
value is used. Result is that stack overflows get a lot trickier to
exploit since one would need to guess the value of the canary (which is
random and stored in per thread data) before a return address can
successfully be overwritten.
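
The two mechanisms described in the message, modeled as an added example (not part of the original message and not propolice or gcc code). The frame is simulated as a flat byte array; the field sizes, offsets, the names `NAIVE`, `PROT`, `run_frame` and the fixed `GUARD` value are assumptions made for illustration, and a real canary is random.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Modeled frame as a flat byte array (a simulation; the real layout is the
   compiler's). Higher offsets are nearer the saved return address, and an
   overflow of the buffer writes toward higher offsets. */
struct layout { size_t flag, buf, canary, ret, size; int has_canary; };
struct result { int flag_intact, ret_intact, canary_tripped; };

/* 16-byte buffer, 4-byte scalar local, 8-byte canary, 8-byte return address.
   Unprotected: scalar local placed after the buffer, no canary. */
static const struct layout NAIVE = { 16, 0, 0, 20, 28, 0 };
/* Protected: scalar sorted below the buffer, canary between buffer and return. */
static const struct layout PROT = { 0, 4, 20, 28, 36, 1 };

static const uint64_t GUARD = 0x5bd1e9950a7c3f21ULL; /* constructed stand-in */

/* Copy n bytes of 'A' into the buffer with no bounds check, then inspect. */
static struct result run_frame(const struct layout *l, size_t n)
{
    unsigned char frame[64] = {0}, input[64];
    const uint32_t flag = 1;
    const uint64_t ret = 0x1122334455667788ULL;      /* constructed value */
    struct result r;

    if (n > l->size - l->buf) n = l->size - l->buf;  /* stay inside the model */
    memset(input, 'A', sizeof input);
    memcpy(frame + l->flag, &flag, sizeof flag);
    memcpy(frame + l->ret, &ret, sizeof ret);
    if (l->has_canary) memcpy(frame + l->canary, &GUARD, sizeof GUARD);

    memcpy(frame + l->buf, input, n);                /* the overflowing write */

    r.flag_intact = memcmp(frame + l->flag, &flag, sizeof flag) == 0;
    r.ret_intact = memcmp(frame + l->ret, &ret, sizeof ret) == 0;
    /* Epilogue check: compare the canary before the return address is used. */
    r.canary_tripped = l->has_canary &&
                       memcmp(frame + l->canary, &GUARD, sizeof GUARD) != 0;
    return r;
}

int main(void)
{
    struct result a = run_frame(&NAIVE, 40), b = run_frame(&PROT, 40);
    printf("naive:     flag_intact=%d ret_intact=%d canary_tripped=%d\n",
           a.flag_intact, a.ret_intact, a.canary_tripped);
    printf("protected: flag_intact=%d ret_intact=%d canary_tripped=%d\n",
           b.flag_intact, b.ret_intact, b.canary_tripped);
    return 0;
}
```

In the protected layout the scalar local survives the overflow because it no longer sits after the buffer, and the clobbered return address is never used because the canary comparison fails first.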