Re: OS stopping stack buffer overflow exploits

Date: Sun Jun 04 2000 - 08:58:31 EST

Jeff Garzik <> writes:

> On Sun, 4 Jun 2000, Ingo Oeser wrote:
> > On Sat, Jun 03, 2000 at 07:48:17PM -0700, Matthew Dharm wrote:
> > > Hrm... this could cause some problems for applications which use
> > > self-modifying code (i.e. trampoline handlers, etc.)
> >
> > Could you please show a daily example of any *need* for
> > trampolines? I mean code, which could only be implemented
> > (efficiently) via trampolines.
> >
> > I never saw one generated by GCC and never wrote an explicit one
> > by myself. So for what important piece of code we do need it and
> > can't code it without trampolines?
> A commercial Java compiler (the fastest one on the market AFAIK) uses
> then, and IIRC Gnu Ada uses some features which are unfriendly to the
> OS attempting to stop stack overflow exploits across the board.

Gnu Ada use trampolines also...

> A much better solution is libsafe. Check it out.

agree :)
> In any case, this thread has been beaten to death. Maybe we should all
> just re-read the old threads? :)

Yop, this is the third time some people here including me are repeating
themselve, maybe it could be a good idea to create a FAQ
about this topic. :)

		-- Yoann
 It is well known that M$ product don't make a free() after a malloc(),
the unix community wish them good luck for their future developement.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to Please read the FAQ at

This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:18 EST