Re: Stack growth direction to thwart buffer overflow attacks

From: Casper H.S. Dik (Casper.Dik_at_Sun.COM)
Date: 08/20/03


Date: 20 Aug 2003 07:58:38 GMT

Barry Margolin <barry.margolin@level3.com> writes:

>The man page he quoted said it appends at most N characters from the source
>string and then adds a trailing '\0'. That trailing NUL is the "PLUS ONE"
>he referred to.

>The programmer needs to account for this extra byte when specifying N; it's
>a likely fencepost error, and if he gets it wrong he may overwrite the
>first byte of the next object in memory. However, it's not much different
>from specifying the size of a string when calling malloc() -- you also have
>to include space for its trailing null.

I'm objecting to the fact that he calls this "N+1"; the NUL byte is simply
moved to the end.

Casper

-- 
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.
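The bound the thread is arguing about, as an added C example that is not part of the original post or of the thread: it instruments strncat() to show how many bytes a call with length N actually writes (at most N characters from the source, then one terminator, so N+1 in the case the man page describes), and contrasts the fencepost bound sizeof(dst) - strlen(dst) with the correct sizeof(dst) - strlen(dst) - 1. The sentinel-filled scratch buffer, the input strings and the helper names strncat_bytes_written, strncat_bound and bounded_strncat are constructed for this illustration and are not from the posters.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed fixture: a scratch buffer much larger than any string used
 * below, pre-filled with a sentinel so we can see exactly which bytes
 * strncat touched without ever writing out of bounds ourselves. */
#define SCRATCH_SIZE 64
#define SENTINEL     0x7f

/* Copy dst_init into the sentinel-filled scratch buffer, run
 * strncat(buf, src, n), and return the number of bytes strncat wrote
 * starting at dst_init's old terminator, trailing NUL included.
 * Returns 0 if the fixture is too small for the requested n. */
size_t strncat_bytes_written(const char *dst_init, const char *src, size_t n)
{
    char buf[SCRATCH_SIZE];
    size_t dst_len = strlen(dst_init);
    size_t written = 0;

    if (n >= sizeof buf || dst_len + n + 2 > sizeof buf)
        return 0;

    memset(buf, SENTINEL, sizeof buf);
    memcpy(buf, dst_init, dst_len + 1);     /* copy the old NUL as well */

    strncat(buf, src, n);

    /* Every non-sentinel byte from the old terminator on was written by
     * strncat: min(n, strlen(src)) characters followed by one NUL. */
    for (size_t i = dst_len; i < sizeof buf && buf[i] != (char)SENTINEL; i++)
        written++;
    return written;
}

/* The largest n a caller may pass to strncat(dst, src, n) when dst holds
 * dst_size bytes and already contains dst_len characters: the appended
 * characters and the terminator must both fit, hence the "- 1". */
size_t strncat_bound(size_t dst_size, size_t dst_len)
{
    if (dst_len >= dst_size)                /* full, or not terminated */
        return 0;
    return dst_size - dst_len - 1;
}

/* Append src to the NUL-terminated string in dst (capacity dst_size)
 * using the correct bound. Returns 0 when all of src fit, 1 when it
 * was truncated, -1 when dst is not terminated within dst_size. The
 * result is always NUL-terminated and never exceeds dst_size bytes. */
int bounded_strncat(char *dst, size_t dst_size, const char *src)
{
    const char *end = memchr(dst, '\0', dst_size);
    if (end == NULL)
        return -1;
    size_t dst_len = (size_t)(end - dst);
    size_t room = strncat_bound(dst_size, dst_len);

    strncat(dst, src, room);
    return strlen(src) > room ? 1 : 0;
}

int main(void)
{
    char dst[8] = "abc";                    /* 8 bytes, 3 used, 5 free */
    const char *src = "defghij";            /* constructed 7-char input */

    /* Naive bound sizeof dst - strlen(dst) = 5: five characters plus the
     * terminator is six bytes into five free ones, one past the end. */
    printf("n=5 writes %zu bytes\n", strncat_bytes_written(dst, src, 5));

    /* Correct bound leaves one byte for the terminator. */
    size_t n = strncat_bound(sizeof dst, strlen(dst));
    printf("n=%zu writes %zu bytes\n", n, strncat_bytes_written(dst, src, n));

    int rc = bounded_strncat(dst, sizeof dst, src);
    printf("dst=\"%s\" rc=%d\n", dst, rc);
    return 0;
}
```

The measurement is done in an oversized scratch buffer so that the "one past the end" case is observed rather than triggered; with the naive bound of 5 the count comes back as 6, with the correct bound of 4 it comes back as 5, and when the source is shorter than n the count is strlen(src) + 1, which is the sense in which the terminator is just moved to the end.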