Casey Hawthorne
Making the stack area non-executable will not help against stack-based
buffer overruns, since the return address could be changed to an
executable area of memory.

A solution could be that the C compiler is set up so that when a
function call is made, it is set up to encode the return address
placed on the stack with the stack pointer (SP) and possibly some fast
encryption technique.

Then if the return address is altered, when the return address is
unencoded/decrypted and found to be invalid, the application would
stop with an invalid return address message sent back to the O/S.

I realize this would eat up quite a few cycles, so it would be better
if it was done in hardware.

Tail Call Optimization (TCO) would still work, since no additional
stack frames are pushed on the stack, so the return address would not
be altered.
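
The scheme proposed in the post above, simulated in C as an added example (not part of the original post and not any compiler's actual code). It assumes 64-bit addresses with 16 unused upper bits that can hold a check tag, a constructed secret key, and a simple keyed mixer standing in for the "fast encryption technique"; all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: only the low 48 bits of an address are in use, so the
   top 16 bits are free to carry a check tag. */
#define ADDR_MASK 0x0000FFFFFFFFFFFFULL

/* Constructed per-process secret; a real scheme would draw it at startup. */
static const uint64_t SECRET_KEY = 0x9E3779B97F4A7C15ULL;

/* Stand-in for the "fast encryption technique": a keyed 64-bit mixer
   (splitmix64 finalizer). Illustrative only, not a vetted MAC. */
static uint64_t mix(uint64_t x) {
    x ^= SECRET_KEY;
    x ^= x >> 30; x *= 0xBF58476D1CE4E5B9ULL;
    x ^= x >> 27; x *= 0x94D049BB133111EBULL;
    x ^= x >> 31;
    return x;
}

/* 16-bit tag bound to both the return address and the stack pointer. */
static uint64_t tag_for(uint64_t ret, uint64_t sp) {
    return mix(mix(ret & ADDR_MASK) ^ sp) >> 48;
}

/* Call site: encode the return address before it is stored on the stack. */
uint64_t encode_ret(uint64_t ret, uint64_t sp) {
    return (ret & ADDR_MASK) | (tag_for(ret, sp) << 48);
}

/* Function epilogue: returns 1 and writes the plain address if the tag
   matches; returns 0 if the slot was altered or belongs to another frame. */
int decode_ret(uint64_t stored, uint64_t sp, uint64_t *ret_out) {
    uint64_t ret = stored & ADDR_MASK;
    if ((stored >> 48) != tag_for(ret, sp)) return 0;
    *ret_out = ret;
    return 1;
}

int main(void) {
    /* Constructed sample values for the stack pointer and return address. */
    uint64_t sp = 0x00007FFFFFFFE3C8ULL, ret = 0x0000000000401136ULL, out = 0;
    uint64_t slot = encode_ret(ret, sp);
    printf("intact slot accepted:       %d\n", decode_ret(slot, sp, &out));
    uint64_t smashed = (slot & ~ADDR_MASK) | 0x404040ULL; /* address bits rewritten */
    printf("overwritten slot accepted:  %d\n", decode_ret(smashed, sp, &out));
    printf("slot reused at other SP:    %d\n", decode_ret(slot, sp - 0x40, &out));
    return 0;
}
```

Binding the tag to SP is what makes a validly encoded address fail when it is copied into a different stack frame; with a 16-bit tag, a blind overwrite still passes the check about once in 65,536 attempts.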