[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Executable memory: further programs that fail



Tim Daly wrote:

I react to the notion that shared libraries can be placed "at random" in free space. Lisp systems, database systems,
numeric systems (e.g. large matrix computations), all rely on
large, contiguous blocks of storage. In fact the size of the
problem they can handle depends on the size of contiguous storage. I don't understand why fragmenting free storage
helps security.

I'm not an assembly programmer, so someone may correct me:


buffer overflow exploits rely on the ability to call a library function at a predictable address. If the libraries are loaded at random addresses, then buffer overflow attacks have a much more difficult time predicting the address of a block of code to jump to.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]