List:       bugtraq
Subject:    Re: Smashing the stack on a DEC Alpha
From:       Julian Assange <proff () suburbia ! net>
Date:       1997-01-17 18:51:35

> If I recall, and I could be wrong here, the stack is marked as
> non-executable on that platform, and as a result, the system won't
> execute code placed there.
>
> Don't quote me on that though.
>
> dreamer

This is the case. The heap however is a different story.  DEC's
design policy left exec bits on for the heap and various library
statics as a legacy for interactive dynamically compiled languages.
As such the architecture still suffers from buffer overruns,
but requires a two-pronged attack; PC adjustment via the stack to
code on the heap. There are other, not insurmountable, difficulties
with exploiting OSF code - this generally relates to the delayed
binding of the dynamic library system.

Cheers,
Julian <proff@iq.org>
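
The condition described in this message (stack not executable, heap left writable and executable) is what a memory-map audit checks for. The following is an added example, not part of the original message: it assumes the Linux /proc/<pid>/maps line format rather than Digital UNIX, and the sample lines and function names are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in Linux /proc/<pid>/maps format (an assumption:
   the message concerns DEC's OSF platform, not Linux). */
static const char *const SAMPLE_MAPS[] = {
    "00400000-0040b000 r-xp 00000000 08:01 1311 /usr/bin/demo",
    "01c3e000-01c5f000 rwxp 00000000 00:00 0 [heap]",
    "7f2a10000000-7f2a10021000 rwxp 00000000 00:00 0",
    "7ffd4a1e0000-7ffd4a201000 rw-p 00000000 00:00 0 [stack]",
};

struct region { unsigned long long start, end; char perms[5]; char name[64]; };

/* Parse one maps line; returns 1 on success, 0 on malformed input. */
int parse_maps_line(const char *line, struct region *r)
{
    r->name[0] = '\0';   /* anonymous mappings have no name field */
    int n = sscanf(line, "%llx-%llx %4s %*x %*s %*u %63s",
                   &r->start, &r->end, r->perms, r->name);
    return n >= 3 && strlen(r->perms) == 4 && r->start < r->end;
}

/* Count regions that are both writable and executable; report separately
   whether the heap is W+X and whether the stack is executable. */
int audit_maps(const char *const *lines, size_t count, int *heap_wx, int *stack_x)
{
    int flagged = 0;
    *heap_wx = *stack_x = 0;
    for (size_t i = 0; i < count; i++) {
        struct region r;
        if (!parse_maps_line(lines[i], &r))
            continue;                       /* skip malformed lines */
        if (strcmp(r.name, "[stack]") == 0 && r.perms[2] == 'x')
            *stack_x = 1;
        if (r.perms[1] != 'w' || r.perms[2] != 'x')
            continue;                       /* W^X holds for this region */
        flagged++;
        if (strcmp(r.name, "[heap]") == 0)
            *heap_wx = 1;
        printf("W+X: %llx-%llx %s %s\n", r.start, r.end, r.perms, r.name);
    }
    return flagged;
}

int main(void)
{
    int heap_wx, stack_x;
    printf("%d W+X region(s)\n", audit_maps(SAMPLE_MAPS, 4, &heap_wx, &stack_x));
    return 0;
}
```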
