Date: Thu, 4 Oct 2007 15:08:35 +0200 (MEST)
From: Mikael Pettersson <mikpe@...uu.se>
To: kamezawa.hiroyu@...fujitsu.com, shiwh@...fujitsu.com
Cc: linux-kernel@...r.kernel.org, mikpe@...uu.se
Subject: Re: [PATCH 1/3] signal(i386): alternative signal stack wraparound occurs

On Thu, 4 Oct 2007 21:47:30 +0900, KAMEZAWA Hiroyuki wrote:
> On Thu, 04 Oct 2007 21:33:12 +0900
> Shi Weihua <shiwh@...fujitsu.com> wrote:
>
> > KAMEZAWA Hiroyuki wrote:
> > > On Thu, 04 Oct 2007 20:56:14 +0900
> > > Shi Weihua <shiwh@...fujitsu.com> wrote:
> > >
> > >> stack.ss_sp = addr + pagesize;
> > >> stack.ss_flags = 0;
> > >> stack.ss_size = pagesize;
> > > Here is bad.
> > > stack.ss_sp = addr;
> > > stack.ss_flags = 0;
> > > stack.ss_size = pagesize * 2;
> > [What the test code wants to do]
> > addr+pagesize*2 - addr+pagesize -> sigaltstack
> > addr+pagesize - addr -> protected region
> > The code wants to catch overflow when esp enters the protected region.
> >
> You have to protect the top of *registered* sigaltstack.
> The reason of wraparound is %esp will be set to the bottom of sigaltstack
> if it is not on sigaltstack area when signaled.
> What you have to do is protect the top of registered sigaltstack.
> If %esp is in the range of registered sigaltstack at SEGV, wraparound
> will stop.

Exactly right. You mprotect or munmap the end of the altstack,
not the area beyond it.

/Mikael
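
The layout agreed on in the message above (guard page inside the registered range, at the low-address end), written out as an added example that is not code from the thread or from the kernel patch. The struct, the function names, the 64 KiB usable size and the use of SIGUSR1 are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper type: one mapping with a guard page at its low end. */
struct guarded_altstack { char *base; size_t size, guard; };
static volatile uintptr_t handler_sp;  /* address of a local seen in the handler */
static void on_signal(int sig)
{
    volatile char marker = (char)sig;
    handler_sp = (uintptr_t)&marker;
}

/* Map usable + one page and make the lowest page PROT_NONE (the stack grows
 * down, so overflow runs off the low end). Register the WHOLE mapping, guard
 * included, so a faulting stack pointer is still inside the registered range. */
int install_guarded_altstack(struct guarded_altstack *gs, size_t usable)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    gs->guard = page;
    gs->size = (usable + page - 1) / page * page + page;
    gs->base = mmap(NULL, gs->size, PROT_READ | PROT_WRITE,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (gs->base == MAP_FAILED) return -1;
    if (mprotect(gs->base, gs->guard, PROT_NONE) != 0) return -1;
    stack_t ss = { .ss_sp = gs->base, .ss_flags = 0, .ss_size = gs->size };
    return sigaltstack(&ss, NULL);
}

/* Deliver sig with SA_ONSTACK. Returns 1 if the kernel's registered range
 * covers the guard and the handler frame sat in the usable part above it. */
int check_guarded_altstack(const struct guarded_altstack *gs, int sig)
{
    struct sigaction sa = { .sa_handler = on_signal, .sa_flags = SA_ONSTACK };
    stack_t cur;
    sigemptyset(&sa.sa_mask);
    if (sigaction(sig, &sa, NULL) || raise(sig) || sigaltstack(NULL, &cur)) return -1;
    uintptr_t lo = (uintptr_t)gs->base + gs->guard;
    return (char *)cur.ss_sp == gs->base && cur.ss_size == gs->size &&
           handler_sp >= lo && handler_sp < (uintptr_t)gs->base + gs->size;
}

int main(void)
{
    struct guarded_altstack gs;
    return install_guarded_altstack(&gs, 64 * 1024) != 0 ||
           check_guarded_altstack(&gs, SIGUSR1) != 1;
}
```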