Re: non-executable stack on alpha (was Re: Security in general ..)

From: Ivan Kokshaysky (ink@jurassic.park.msu.ru)
Date: Fri Apr 21 2000 - 03:10:45 EST

Next message: Frank van Maarseveen: "Re: non-executable stack on alpha (was Re: Security in general ..)"
Previous message: Soohoon Lee: "Alpha clock problem"
In reply to: Michael H. Warfield: "Re: non-executable stack on alpha (was Re: Security in general ..)"
Next in thread: Frank van Maarseveen: "Re: non-executable stack on alpha (was Re: Security in general ..)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 20, 2000 at 12:11:43PM -0400, Michael H. Warfield wrote:
> So then all you need is a location in code which pops values into
> the registers from the stack and returns? Somewhat more difficult to
> pull off, but not much. Just like the hack to get around the zeros
> in the library function addresses, remember, you can generally exploit some
> segment of code in the program to do small tasks like poping registers or
> calling library functions for you.
>
No, it won't work because registers r16-r21 (first 6 args) are never
saved/restored on the stack.

But I'm agreed with you that non-executable stack on architectures
passing parameters on the stack won't buy anything.

Ivan.

Next message: Frank van Maarseveen: "Re: non-executable stack on alpha (was Re: Security in general ..)"
Previous message: Soohoon Lee: "Alpha clock problem"
In reply to: Michael H. Warfield: "Re: non-executable stack on alpha (was Re: Security in general ..)"
Next in thread: Frank van Maarseveen: "Re: non-executable stack on alpha (was Re: Security in general ..)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Apr 23 2000 - 21:00:24 EST