Subject: Code on stack (Re: exploit with memcpy())
To: Jason R Thorpe, David Laight <>
From: TAMURA Kent <>
List: tech-userlevel
Date: 07/04/2002 13:50:12
In message "Re: exploit with memcpy()"
    on 02/07/02, Jason R Thorpe <> writes:
>  > OTOH maybe stopping the stack being executable would be a better
>  > ploy for catching the effects of undersize onstack data buffers.
>  > (at least then you can only jump to code that exists in the
>  > program being executed.)
> That is precisely one of the reasons I'm working on my signals changes.

It is interesting.
I have heard gcc generates trampoline code on the stack in some cases.

I guess much exploit code calls syscalls directly, that is, "int $0x80"
on i386.  Prohibiting syscalls from stack code would be sufficient.

TAMURA Kent <> <>
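The trampoline caveat above is the case where a GNU toolchain marks a binary as needing an executable stack: gcc flags the object, and GNU ld records the request in the PT_GNU_STACK program header, which is what a loader consults before deciding whether stack pages get PROT_EXEC. The following is an added example, not code from this thread or from NetBSD, that audits an ELF64 image for that marker so a defender can find binaries that still ask for an executable stack; it assumes Linux/glibc <elf.h> and works on constructed header images rather than a real binary.

```c
#include <elf.h>     /* Elf64_Ehdr, Elf64_Phdr, PT_GNU_STACK, PF_X (Linux/glibc) */
#include <stdint.h>
#include <string.h>

/* Outcome of the PT_GNU_STACK audit. */
enum stack_mark { STACK_NONEXEC = 0, STACK_EXEC = 1, STACK_UNMARKED = 2, STACK_BAD_ELF = -1 };

/* Walk the program headers of an in-memory ELF64 image. PF_X on PT_GNU_STACK (or
 * no PT_GNU_STACK at all) means the loader may grant an executable stack. */
int gnu_stack_mark(const unsigned char *img, size_t len)
{
    Elf64_Ehdr eh;
    if (len < sizeof eh) return STACK_BAD_ELF;
    memcpy(&eh, img, sizeof eh);                    /* copy: img may be unaligned */
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 || eh.e_ident[EI_CLASS] != ELFCLASS64 ||
        eh.e_phentsize != sizeof(Elf64_Phdr))
        return STACK_BAD_ELF;
    for (unsigned i = 0; i < eh.e_phnum; i++) {
        size_t off = (size_t)eh.e_phoff + (size_t)i * sizeof(Elf64_Phdr);
        if (off + sizeof(Elf64_Phdr) > len) return STACK_BAD_ELF;  /* truncated table */
        Elf64_Phdr ph; memcpy(&ph, img + off, sizeof ph);
        if (ph.p_type == PT_GNU_STACK)
            return (ph.p_flags & PF_X) ? STACK_EXEC : STACK_NONEXEC;
    }
    return STACK_UNMARKED;
}

/* Constructed sample: a minimal ELF64 header plus one program header of the
 * given type and flags. Not a loadable binary, only audit input. */
size_t build_sample_elf(unsigned char *buf, size_t cap, uint32_t p_type, uint32_t p_flags)
{
    Elf64_Ehdr eh = {0}; Elf64_Phdr ph = {0};
    if (cap < sizeof eh + sizeof ph) return 0;
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64; eh.e_ident[EI_DATA] = ELFDATA2LSB;
    eh.e_type = ET_EXEC; eh.e_machine = EM_X86_64;
    eh.e_phoff = sizeof eh; eh.e_phentsize = sizeof ph; eh.e_phnum = 1;
    ph.p_type = p_type; ph.p_flags = p_flags;
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, &ph, sizeof ph);
    return sizeof eh + sizeof ph;
}

/* Build one constructed sample and audit it; usable stand-alone or from a test. */
int audit_sample(uint32_t p_type, uint32_t p_flags)
{
    unsigned char img[sizeof(Elf64_Ehdr) + sizeof(Elf64_Phdr)];
    return gnu_stack_mark(img, build_sample_elf(img, sizeof img, p_type, p_flags));
}
```

On a real file, read the whole binary into memory and pass it to gnu_stack_mark; STACK_EXEC or STACK_UNMARKED is the result to investigate, and a rebuild with -Wtrampolines points at the nested functions responsible.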