Re: [kernel-hardening] [PATCH v2 0/5] stackprotector: ascii armor the stack canary

2017-09-20 Thread Solar Designer
On Wed, Sep 20, 2017 at 01:18:04PM +0200, Yann Droneaud wrote: > On Tuesday 19 September 2017 at 19:16 +0200, Solar Designer wrote: > > > > We could put/require a NUL in the middle of the canary, > > but with the full canary being only 64-bit at most that would also > > make some attacks easier.

Re: [kernel-hardening] [PATCH v2 0/5] stackprotector: ascii armor the stack canary

2017-09-20 Thread Yann Droneaud
Hi, On Tuesday 19 September 2017 at 19:16 +0200, Solar Designer wrote: > > We could put/require a NUL in the middle of the canary, > but with the full canary being only 64-bit at most that would also > make some attacks easier. > Are you suggesting to randomly select which byte to set to 0 in ea

Re: [kernel-hardening] [PATCH v2 0/5] stackprotector: ascii armor the stack canary

2017-09-19 Thread Daniel Micay
> Brad trolls us all lightly with this trivia question: > > https://twitter.com/grsecurity/status/905246423591084033 I'll respond to your proposed scenario rather than guessing at what is being suggested there and if it's actually the same thing as what you've brought up. They've stated many tim

Re: [kernel-hardening] [PATCH v2 0/5] stackprotector: ascii armor the stack canary

2017-09-19 Thread Kees Cook
On Tue, Sep 19, 2017 at 10:16 AM, Solar Designer wrote: > On Wed, May 24, 2017 at 11:57:46AM -0400, r...@redhat.com wrote: >> Zero out the first byte of the stack canary value on 64 bit systems, >> in order to mitigate unterminated C string overflows. >> >> The null byte both prevents C string fun

Re: [kernel-hardening] [PATCH v2 0/5] stackprotector: ascii armor the stack canary

2017-09-19 Thread Solar Designer
On Wed, May 24, 2017 at 11:57:46AM -0400, r...@redhat.com wrote: > Zero out the first byte of the stack canary value on 64 bit systems, > in order to mitigate unterminated C string overflows. > > The null byte both prevents C string functions from reading the > canary, and from writing it if the c

[PATCH v2 0/5] stackprotector: ascii armor the stack canary

2017-05-24 Thread riel
Zero out the first byte of the stack canary value on 64 bit systems, in order to mitigate unterminated C string overflows. The null byte both prevents C string functions from reading the canary, and from writing it if the canary value were guessed or obtained through some other means. Reducin