Buffer overflow protection - Wikipedia
en.wikipedia.org
6 comments
Daunting baptism of fire & Meeting the S in RSA
Background:
According to the exFAT file system specification, the maximum length of a file name is 255 characters (UTF-16LE): The FileName field shall contain a Unicode string, which is a portion of the file n…
WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications.
Aleph One’s excellent Smashing the Stack for Fun and Profit article from 1996 has long been the go-to for anyone looking to learn how buffer overflow attacks work. But the world has changed a lot since then, and the original attacks will not generally work on modern 64-bit machines. Some of this is due to many new defense mechanisms that are now enabled by default (see Paul Makowski’s Smashing the Stack in 2011 for an overview), but those can be disabled if all you want to do is understand how these attacks work. What cannot easily be avoided any more though is 64-bit execution environments.
I ran across something strange while learning about Rust's stack overflow and segmentation fault handling. First, some backstory: in the past, Rust (and Go) used segmented stacks, also known as split stacks. This is a scheme that allows you to start each thread with a small amount of stack space …