On Thu, Apr 16, 2009 at 05:46:56AM +0200, Markus Gothe wrote:

> That article is a classic one, just the name itself...
>
> However the article itself is based on M68K and Intel x86 IIRC.

There is a variant or extension of it which specifically looks at MIPS o32 issues.

> Indeed, IRIX < 6.2 was all o32, correct me if I'm wrong.
>
> To get back on track, what about a kernel that can be compiled by
> MIPSPro C and not relying on glibc and GNUisms (all right, 'asmlinkage'
> cracked that idea once and for all a few years ago), but my point is to
> change the libc as little as possible.

Do you have a MIPSpro compiler that is hosted on a non-IRIX? Asmlinkage is just an empty define.

> I hope I brought a grasp of light on the issue (and yes $ra is fun to
> play with), and as Ralph pointed out: the special stack frame makes the
> return address traceability disappear after one step as __GNUC__ knows
> it.

The first problem with the usual stack smashing techniques is that the return address of a leaf function is not stored on the stack at all, so it can't be smashed by a stack overflow. So the caller's return address becomes the new attack target.

Ralf

PS: Who's that Ralph?
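The leaf-function point Ralf makes above can be made concrete with a small host-side model. This is an added example, not code from the thread or from the linux-mips project, and it does not run on MIPS: it lays out two o32-style frames in an ordinary byte array the way GCC typically arranges them (the saved $ra of a non-leaf in the top word of its frame at sp + frame_size - 4, locals below the saved registers, stack growing downwards) and shows that an overflow of a leaf's local buffer never reaches the leaf's own return address, which is still live in $ra, but runs off the top of the leaf frame into the caller's frame and clobbers the caller's saved $ra. The frame sizes, buffer offsets and the sentinel address are assumptions chosen for illustration; real offsets depend on the compiler, optimisation level and ABI and must be read off the disassembly.

```c
/* Host-side model of MIPS o32 stack frames (added example, not MIPS code).
 * Frame layout assumed as GCC commonly emits it for o32:
 *   sp + frame_size - 4 : saved $ra (non-leaf functions only)
 *   sp + buf_off        : start of a local char buffer
 *   sp + 0 .. 15        : outgoing argument area
 * A leaf function keeps its return address in $ra and never stores it. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

typedef struct {
    size_t frame_size;   /* bytes allocated by addiu $sp,$sp,-frame_size */
    int    saves_ra;     /* 1: non-leaf, sw $ra,frame_size-4($sp); 0: leaf */
    size_t buf_off;      /* offset of the local buffer from $sp */
} o32_frame;

/* Illustrative frames; the numbers are assumptions, not measured values. */
const o32_frame LEAF_FRAME    = { 64, 0, 16 };   /* leaf, 48-byte buffer region */
const o32_frame NONLEAF_FRAME = { 64, 1, 16 };   /* same frame but saves $ra */
const o32_frame CALLER_FRAME  = { 48, 1, 16 };   /* the function that called it */

/* Bytes from the start of the local buffer to the nearest saved-$ra slot
 * above it. For a leaf that slot is in the caller's frame. */
size_t bytes_to_saved_ra(const o32_frame *fn, const o32_frame *caller)
{
    if (fn->saves_ra)                       /* non-leaf: its own slot */
        return fn->frame_size - 4 - fn->buf_off;
    /* leaf: run off the top of our frame, then up to the caller's $ra */
    return (fn->frame_size - fn->buf_off) + caller->frame_size - 4;
}

#define STACK_BYTES 512
#define RA_SENTINEL 0x00400abcu   /* placeholder "return address" */

/* Lay the leaf frame directly below the caller frame, plant a sentinel in
 * the caller's saved-$ra slot, overflow the leaf's buffer with n bytes of
 * 'A', and return what the caller would now load into $ra on its return. */
uint32_t simulate_overflow(const o32_frame *leaf, const o32_frame *caller, size_t n)
{
    uint8_t stack[STACK_BYTES];
    memset(stack, 0, sizeof stack);

    size_t leaf_sp   = 64;                               /* arbitrary base */
    size_t caller_sp = leaf_sp + leaf->frame_size;
    size_t ra_slot   = caller_sp + caller->frame_size - 4;
    uint32_t ra = RA_SENTINEL;
    memcpy(stack + ra_slot, &ra, sizeof ra);

    size_t buf = leaf_sp + leaf->buf_off;
    if (buf + n > sizeof stack)                          /* stay in the model */
        n = sizeof stack - buf;
    memset(stack + buf, 'A', n);                         /* the overflow */

    memcpy(&ra, stack + ra_slot, sizeof ra);
    return ra;
}

int main(void)
{
    size_t d = bytes_to_saved_ra(&LEAF_FRAME, &CALLER_FRAME);
    printf("leaf: %zu bytes from buffer to caller's saved $ra\n", d);
    printf("overflow of %zu bytes: caller $ra = 0x%08x (intact)\n",
           d, simulate_overflow(&LEAF_FRAME, &CALLER_FRAME, d));
    printf("overflow of %zu bytes: caller $ra = 0x%08x (clobbered)\n",
           d + 4, simulate_overflow(&LEAF_FRAME, &CALLER_FRAME, d + 4));
    printf("non-leaf: %zu bytes from buffer to its own saved $ra\n",
           bytes_to_saved_ra(&NONLEAF_FRAME, &CALLER_FRAME));
    return 0;
}
```

The practical consequence is the one Ralf states: with a leaf target, the attacker needs the combined size of the leaf frame above the buffer plus the caller's frame, and control is only gained when the caller returns, not when the leaf does. A non-leaf with the same frame reaches its own saved $ra in far fewer bytes.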