Stack growth direction to thwart buffer overflow attacks

• Previous message: Darrell Esau: "cracklib vs crack"
• Next in thread: Phil Fites: "Re: Stack growth direction to thwart buffer overflow attacks"
• Reply: Phil Fites: "Re: Stack growth direction to thwart buffer overflow attacks"
• Reply: Robert Wessel: "Re: Stack growth direction to thwart buffer overflow attacks"
• Reply: Stephan Neuhaus: "Re: Stack growth direction to thwart buffer overflow attacks"
• Reply: Douglas Siebert: "Re: Stack growth direction to thwart buffer overflow attacks"
• Maybe reply: Nick Maclaren: "Re: Stack growth direction to thwart buffer overflow attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 12 Aug 2003 16:54:34 -0700

The other day I mused that using an upward growing stack would be
immune to buffer overflow attacks. Searching comp.arch I found
this old posting:

http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=4495o9%24e8n%40server05.icaen.uiowa.edu

I would think that this simple strategy is worthy of wider
discussion and implementation.

In the past, these kinds of attacks were not as important, and the
choice of direction for stack growth was probably driven by other
criteria.

It seems to me that the tactic of growing the stack upwards would
remove most of the risk of buffer overflow attack. Such an
attack would most likely crash the executing process, and there
is a possibility that the attacker could carefully overwrite
local variables to breach local security checks.

Most importantly, such an attack would not be able to hijack
return addresses since they would be stored at smaller addresses,
and buffer overflow works towards higher addresses.

Earl

• Previous message: Darrell Esau: "cracklib vs crack"
• Next in thread: Phil Fites: "Re: Stack growth direction to thwart buffer overflow attacks"
• Reply: Phil Fites: "Re: Stack growth direction to thwart buffer overflow attacks"
• Reply: Robert Wessel: "Re: Stack growth direction to thwart buffer overflow attacks"
• Reply: Stephan Neuhaus: "Re: Stack growth direction to thwart buffer overflow attacks"
• Reply: Douglas Siebert: "Re: Stack growth direction to thwart buffer overflow attacks"
• Maybe reply: Nick Maclaren: "Re: Stack growth direction to thwart buffer overflow attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Any personal Intrusion Detection Systems ... hard to believe BI let a stack or buffer overflow attack through Maybe, ... A stack or buffer overflow can happen with Outlook Express. ... >> ISS bought Network ICE for two reasons. ... (comp.security.firewalls) Re: Civ 4: Attacking with more then 1 combat unit ... there are several of them in the stack. ... >The stack attack is an option in the game. ... The defender always uses the unit with the highest base defensive value ... forces into 2-3 smaller balanced stacks and move into position, ... (comp.sys.ibm.pc.games.strategic) Re: Civ 4: Attacking with more then 1 combat unit ... The stack attack is an option in the game. ... unit is defending and choosing the appropriate unit from the attacking ... But even with a balanced attacking stack, assaulting a well-defended city ... (comp.sys.ibm.pc.games.strategic) Stack growth direction to thwart buffer overflow attacks ... The other day I mused that using an upward growing stack would be ... remove most of the risk of buffer overflow attack. ... (comp.security.misc) Re: Civ 4 Stacked Attacks Question ... square and then attack all of them at once in a stack. ... But can I accomplish the same thing by just attacking the city one unit ... First reason: collateral damage. ... (comp.sys.ibm.pc.games.strategic)