Re: Public disclosure of discovered vulnerabilities

From: David Wagner (daw_at_taverner.cs.berkeley.edu)
Date: 06/09/05


Date: Thu, 9 Jun 2005 13:26:26 +0000 (UTC)

Vernon Schryver wrote:
>I can't think what you might mean by "stack overflow."

"stack overflow" is a term that refers to a buffer overrun
in a buffer stored on the stack, e.g.,
    #include <stdio.h>

    void f() {
        char buf[80];   /* stack-allocated, fixed size */
        gets(buf);      /* gets() does no bounds checking */
    }
That's a stack overflow, because buf[] is a stack-allocated buffer.

>For me, the distinction between whatever you mean by "stack overflow"
>and what the Worm did makes no sense. All that needs to be said is
>"here's a way to modify memory."
>
>Do you make that distinction because [...]

*I* didn't introduce that distinction. I'm telling you about a
distinction that folks in the security community tended to make about a
decade ago. I'm just the messenger here; if you don't like my message,
I sympathize, but all I can do is tell it like I saw it. Folks tended
to distinguish between these two cases, because at the time there were
publicly known methods of exploiting stack overflows -- whereas there
weren't publicly known methods of exploiting, say, double-free bugs.
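
The bounded counterpart of f() above, as an added example that is not part of the original post: it reads into the same 80-byte stack buffer with fgets(), reports truncation, and discards the excess. The names read_line_bounded and demo are hypothetical, and the sample input is constructed through a temporary file.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not from the post. Reads one line into buf without
 * writing past buf[size-1]. Returns 0 if the whole line was stored, 1 if it
 * was truncated, -1 on EOF, read error or an unusable buffer size. */
int read_line_bounded(FILE *in, char *buf, size_t size)
{
    if (size < 2 || size > INT_MAX || fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {   /* line fit, drop the newline */
        buf[len - 1] = '\0';
        return 0;
    }
    /* No newline stored: discard the rest of the line so the next read
     * starts on a fresh line, and note whether anything was dropped. */
    int c, truncated = 0;
    while ((c = fgetc(in)) != '\n' && c != EOF)
        truncated = 1;
    return truncated;
}

/* Constructed input: a line of n 'A' bytes, fed through a temporary file
 * into an 80-byte stack buffer like buf[] in the post. */
int demo(size_t n, size_t *stored)
{
    char buf[80];
    FILE *in = tmpfile();
    if (in == NULL)
        return -2;
    for (size_t i = 0; i < n; i++)
        fputc('A', in);
    fputc('\n', in);
    rewind(in);
    int rc = read_line_bounded(in, buf, sizeof buf);
    *stored = rc >= 0 ? strlen(buf) : 0;
    fclose(in);
    return rc;
}

int main(void)
{
    size_t stored;
    int rc = demo(500, &stored);             /* far more than buf can hold */
    printf("rc=%d stored=%zu\n", rc, stored);
    return 0;
}
```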


