Being safe on the internet (was Re: Here we go again - ISP DPI, but is it interception?)
Peter Tomlinson
pwt at iosis.co.uk
Tue Aug 10 13:12:03 BST 2010
Jon Ribbens wrote:
> On Tue, Aug 10, 2010 at 11:04:16AM +0100, Roland Perry wrote:
>
>>> The problem is not something below the stack rising to bite it. It's
>>> from something "newer" on the stack (i.e. low in memory) overflowing its
>>> reserved space on the stack to rise up and bite something "older" on the
>>> stack (i.e. higher in memory).
>>>
>> But if stacks grow downwards, how can a newer item rise upwards?
>>
> The code thinks it's going to write, say, a string of 20 bytes, so the
> stack pointer is reduced by 20 bytes to provide this space. The code
> is then persuaded to write a string, started at the lowest address of
> that space and continuing upwards, of more than 20 bytes, thus
> overwriting the older/higher part of the stack.
That is a method that is just asking for trouble...
Peter
More information about the ukcrypto
mailing list