C/C++ compilers have one stack for local variables and return addresses and then another stack for a

Discussion in 'C Programming' started by Casey Hawthorne, Nov 1, 2009.

  1. One of the buffer overrun problems seems to be overwriting the return
    address on the stack, so as to execute your own code.

    C/C++ compilers have one stack for local variables and return
    addresses and then another stack for array allocations on the stack.
    --
    Regards,
    Casey
    Casey Hawthorne, Nov 1, 2009
    #1

  2. Casey Hawthorne <> writes:
    > One of the buffer overrun problems seems to be overwriting the return
    > address on the stack, so as to execute your own code.
    >
    > C/C++ compilers have one stack for local variables and return
    > addresses and then another stack for array allocations on the stack.


    Was there a "should" missing from that sentence?

    --
    Keith Thompson (The_Other_Keith) <http://www.ghoti.net/~kst>
    Nokia
    "We must do something. This is something. Therefore, we must do this."
    -- Antony Jay and Jonathan Lynn, "Yes Minister"
    Keith Thompson, Nov 1, 2009
    #2

  3. Seebs Guest

    On 2009-11-01, Keith Thompson <> wrote:
    > Casey Hawthorne <> writes:
    >> One of the buffer overrun problems seems to be overwriting the return
    >> address on the stack, so as to execute your own code.
    >>
    >> C/C++ compilers have one stack for local variables and return
    >> addresses and then another stack for array allocations on the stack.


    > Was there a "should" missing from that sentence?


    This would be a very interesting way to turn a false statement into a
    false statement, even assuming we grant semantic coherence.

    Since C and C++ compilers often have noticeably different ways of
    interacting with the environment, it's not necessarily safe to treat
    them interchangeably. In particular, I suspect the much more elaborate
    range of things that "local variables" contain in C++ creates a substantial
    additional risk.

    But! There is also the trivia point that a local variable of any type
    can have its address taken and be treated as an array of one object of
    that type, and I suspect at least some attacks have used that vector. Not
    nearly as many, to be sure.

    But ultimately, I don't think I buy the argument that this provides
    substantial protection. I'm a lot more interested by, say, marking the
    stack area as non-executable, which does a pretty good job of solving
    things.

    Just pragmatically, doing this would dramatically increase implementation
    costs, especially on the systems which DO have a native "stack" implemented
    by the CPU, because on those systems, keeping track of the second stack would
    be much more expensive than keeping track of the first one. Even in
    general, though, I don't think this would pay off particularly well.

    -s
    --
    Copyright 2009, all wrongs reversed. Peter Seebach /
    http://www.seebs.net/log/ <-- lawsuits, religion, and funny pictures
    http://en.wikipedia.org/wiki/Fair_Game_(Scientology) <-- get educated!
    Seebs, Nov 1, 2009
    #3
  4. Flash Gordon Guest

    Re: C/C++ compilers have one stack for local variables and return addresses and then another stack for array allocations on the stack.

    Keith Thompson wrote:
    > Casey Hawthorne <> writes:
    >> One of the buffer overrun problems seems to be overwriting the return
    >> address on the stack, so as to execute your own code.
    >>
    >> C/C++ compilers have one stack for local variables and return
    >> addresses and then another stack for array allocations on the stack.

    >
    > Was there a "should" missing from that sentence?


    Probably.

    To the OP (since Keith knows this), the implementation is allowed to
    have as many separate stacks (or other structures) for different things
    as it likes. Some implementations do clever things to protect against
    buffer overflow exploits of this type.
    --
    Flash Gordon
    Flash Gordon, Nov 1, 2009
    #4
