Now, you might argue that the best way to prevent attacks is to fix the buggy code to make the exploit impossible. But most of the time you will not be aware of the bug: it might just slip through code review, or might only be triggered under very complex circumstances which no reviewer considered. Furthermore there is a large body of legacy code, C code, system code and external libraries that sometimes cannot be audited for correctness. In all these cases hardening provides a safety net to avoid the worst, even when a bug slips into the code.

Below we will discuss several useful hardening techniques. You may be surprised to learn that in some toolchains these are not enabled by default. This may be partly due to the C/C++ mantra of “You pay only for what you need”, partly due to compatibility fears and inertia. But in today’s world, with many programs exposed to the internet in some form, and exploits doing more and more damage due to more data being handled, and more devices running your software, it is essential to harden your binaries! These techniques are not only meant as a protection against the exploitation of memory errors, but they are most useful for that class of errors. We will discuss Linux ELF only (including x86-64 and PowerPC). Stack protector will be discussed in this post; other techniques will follow: Executable-space protection, ASLR, RELRO/BIND_NOW, Fortify, RPATH/RUNPATH. Please subscribe via Email or RSS on the right to get notified of the upcoming posts!

# Stack protector

Perhaps the most dangerous class of memory access errors are stack smashing bugs. Let’s recap: the stack is a memory region that stores data. On most platforms the stack grows downwards, towards zero [1]. When calling a function, the stack stores the address where execution must resume once the function returns. This is very much transparent to the programmer. The stack also stores all variables local to that function. But by writing to memory beyond those variables it is possible to change the return address, and thus alter the control flow of the program. Placing new code in memory is not strictly necessary for this, since program execution can just be redirected to some code already loaded into memory (“return-oriented programming”). The write can happen on purpose by using pointer arithmetic, or by coding errors. One typical example for the latter is the handling of user data without proper checks of the limits of data structures:
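The listing illustrating this is not in this copy of the post. The following is an added example, not code from the original post: it shows the unchecked handling of user data into a fixed-size stack buffer beside a version that checks the input against the buffer's size and rejects over-long input. The function names (`greet_unchecked`, `copy_user_name`, `greet_checked`), the `NAME_MAX` constant and the sample inputs are constructed for the example.

```c
/* Added example (not from the original post): user-supplied data written into
 * a fixed-size stack buffer, with and without a check against its size.
 * Names and inputs are constructed for illustration. */
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define NAME_MAX 16   /* size of the local buffer, constructed for the example */

/* The bug class described above: the caller controls strlen(input), but the
 * local buffer holds NAME_MAX bytes. Longer input overwrites whatever the
 * compiler placed beyond `name`, eventually the saved return address.
 * Built with -fstack-protector-strong, the canary check on return detects
 * this ("*** stack smashing detected ***") and aborts the program.
 * Never called here; shown only to contrast with the checked version. */
static void greet_unchecked(const char *input) {
    char name[NAME_MAX];
    strcpy(name, input);             /* no limit check */
    printf("Hello, %s\n", name);
}

/* Hardened form: the destination size is the limit, and over-long input is
 * rejected rather than silently truncated or written past the end.
 * Returns 0 on success, -1 if the input (plus terminator) does not fit. */
int copy_user_name(char *dst, size_t dst_size, const char *input) {
    size_t len = strlen(input);
    if (dst_size == 0 || len >= dst_size) {
        return -1;                   /* would not fit with the terminator */
    }
    memcpy(dst, input, len + 1);     /* length is now known to fit */
    return 0;
}

/* The same check applied to the stack-buffer case.
 * Returns 1 when the input was accepted, 0 when it was rejected. */
int greet_checked(const char *input) {
    char name[NAME_MAX];
    if (copy_user_name(name, sizeof name, input) != 0) {
        fprintf(stderr, "input too long (max %d bytes)\n", NAME_MAX - 1);
        return 0;
    }
    printf("Hello, %s\n", name);
    return 1;
}

int main(void) {
    /* Constructed inputs: one that fits, one longer than the buffer. */
    greet_checked("Alice");
    greet_checked("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    (void)greet_unchecked;           /* referenced only to avoid an unused warning */
    return 0;
}
```

The checked version is the fix; the stack protector is the safety net for the cases where such a check is missing. Compiling with `gcc -fstack-protector-strong` (or `-fstack-protector-all`) makes the compiler place a canary between the local buffers and the saved return address and verify it before returning, so an overflow like the one in `greet_unchecked` ends in an abort instead of a redirected control flow.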