LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
Old 04-08-2008, 08:44 AM   #1
Tanc
Distribution: Debian etch

Two different codes with two different gcc (3.4 and 4.1)

Hi LQ,

I am currently following a security course, and I was looking for more info regarding buffer overflows.

During my personal research, I found something quite strange, which is obviously due to my lack of knowledge.

Why do different versions of gcc not work the same way when allocating memory?

Let's take a simple example:

char tableau1[5];
char tableau2[10];

When disassembling this code with gdb, I get the following:

On Debian 4.x (kernel 2.6) and gcc 4.1.2, it allocates 16 bytes for the two arrays:
sub $0x10,%esp

On Debian 3.1 (kernel 2.4) and gcc 3.4.6, it allocates 40 bytes:
sub $0x28,%esp

I presume there are differences between the two versions of gcc and/or the kernel.
I've tried to have a look in the GCC online docs, but without success so far.

Can someone set me on the path of truth?

I've read some stuff regarding protected kernel mode (which, as far as I understood, is activated in the 2.6 kernel). Could it be a clue?

Thanks for any info.
Regards,
Pierre
 
Old 04-08-2008, 09:48 AM   #2
duryodhan
Distribution: Slackware 12 Kernel 2.6.24 - probably upgraded by now
Have you tried asking on the gcc mailing list?
 
Old 04-08-2008, 10:34 AM   #3
Tanc (Original Poster)
Good idea.
I'll be back with an answer if I get one on the gcc mailing list.
Thanks.
 
Old 04-08-2008, 12:09 PM   #4
ta0kira
Distribution: FreeBSD 9.1, Kubuntu 12.10
What do you mean by "allocate"? It looks like you're "allocating" on the stack and not actually allocating heap memory.
ta0kira
 
Old 04-08-2008, 03:36 PM   #5
Tanc (Original Poster)
Quote: What do you mean by "allocate"?
That is a misused term. My fault.
I mean that I was looking at the code in gdb, and disassembling it gave me a value subtracted from %esp (which I understood as "allocated").

To be as clear as possible, I was looking at the following link with the aim of studying a simple case of buffer overflow.
 
Old 04-08-2008, 08:58 PM   #6
ta0kira
Distribution: FreeBSD 9.1, Kubuntu 12.10
Quote: Originally Posted by Tanc
To be as clear as possible, I was looking at the following link with the aim of studying a simple case of buffer overflow.
It does sound kind of like nitpicking, but the difference between stack and heap is relevant to your question. A heap allocation would normally be 8-byte aligned with glibc with a 12-byte header for each memory segment, if I remember correctly. Allocating it on the stack (I suppose your usage is correct) might align to the register size, might align to single bytes, or might do something entirely differently. I'll take a look at the link when I get a chance.
ta0kira
 
Old 04-09-2008, 01:57 PM   #7
osor
Distribution: (H)LFS, Gentoo
Quote: Originally Posted by ta0kira
Allocating it on the stack (I suppose your usage is correct) might align to the register size, might align to single bytes, or might do something entirely differently.
Alignment of stack allocations in gcc is made to comply with -mpreferred-stack-boundary (which defaults to 16), but that is not the issue here. The issue is that gcc4 is more efficient about stack allocation than gcc3 (which is a known phenomenon), and any naive (as in hardcoding the stack location) buffer-overflow exploit for gcc3 code will need to be modified for gcc4 code.
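Editor's added example (not code from anyone in this thread). It does two things the posts only talk about: it probes where the compiler actually places two small char arrays relative to each other and to the frame base, which is what the 16-byte versus 40-byte "sub ...,%esp" difference above is really about, and it shows the cyclic-pattern technique (the same idea as Metasploit's pattern_create/pattern_offset) that an exploit writer uses to measure the distance to an overwritten return address instead of hardcoding an offset that only holds for one gcc version. The array names tableau5/tableau10, the helper names, and the "crashed EIP" value 0x32614131 are this example's own constructed choices; __builtin_frame_address(0) is the GCC/Clang builtin.

```c
/*
 * Added example, not from the LQ thread.
 *   1. probe_layout(): where do two char arrays land in this compiler's frame?
 *   2. pattern_for()/pattern_offset(): measure an overflow offset from a crash
 *      instead of hardcoding one for a particular gcc version.
 * Build: cc -O0 -fno-stack-protector probe.c -o probe   (any GCC/Clang)
 */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* --- 1. Frame layout probe ------------------------------------------- */

struct layout {
    ptrdiff_t between;   /* &tableau10 - &tableau5 in bytes (sign = which is higher) */
    ptrdiff_t to_frame;  /* __builtin_frame_address(0) - &tableau10 */
};

static void *volatile keep;  /* address escape: keeps both arrays in memory */

struct layout probe_layout(void)
{
    char tableau5[5];      /* names chosen for this example */
    char tableau10[10];
    struct layout l;

    memset(tableau5, 'A', sizeof tableau5);
    memset(tableau10, 'B', sizeof tableau10);
    keep = tableau5;
    keep = tableau10;

    /* Subtract as integers: pointer arithmetic across objects is undefined. */
    l.between  = (ptrdiff_t)((uintptr_t)tableau10 - (uintptr_t)tableau5);
    l.to_frame = (ptrdiff_t)((uintptr_t)__builtin_frame_address(0)
                             - (uintptr_t)tableau10);
    return l;
}

/* The arrays must not overlap: tableau10 is either >= 5 bytes above tableau5
   or >= 10 bytes below it.  Anything else means the probe itself is wrong. */
int arrays_disjoint(struct layout l)
{
    return l.between >= 5 || l.between <= -10;
}

/* --- 2. Measuring an overflow offset instead of hardcoding it -------- */

#define PATTERN_MAX (26 * 26 * 10 * 3)   /* "Aa0" ... "Zz9" */
static char g_pattern[PATTERN_MAX + 1];

/* First n bytes of the cyclic pattern "Aa0Aa1Aa2...Aa9Ab0...".  Each 3-byte
   triple occurs once, so every 4-byte window in the 20280-byte pattern is
   unique: whatever lands in EIP or a saved slot after a crash identifies
   exactly how far into the buffer it came from. */
const char *pattern_for(size_t n)
{
    size_t i = 0;
    if (n > PATTERN_MAX) n = PATTERN_MAX;
    for (char u = 'A'; u <= 'Z' && i < n; u++)
        for (char l = 'a'; l <= 'z' && i < n; l++)
            for (char d = '0'; d <= '9' && i < n; d++) {
                const char trip[3] = { u, l, d };
                for (int k = 0; k < 3 && i < n; k++)
                    g_pattern[i++] = trip[k];
            }
    g_pattern[i] = '\0';
    return g_pattern;
}

/* Offset of `needle` (nlen bytes) inside the n-byte pattern, or -1. */
long pattern_offset(size_t n, const char *needle, size_t nlen)
{
    const char *p = pattern_for(n);
    if (nlen == 0 || nlen > n) return -1;
    for (size_t i = 0; i + nlen <= n; i++)
        if (memcmp(p + i, needle, nlen) == 0) return (long)i;
    return -1;
}

/* The usual case: the EIP value gdb prints after the crash (little-endian
   x86), e.g. 0x32614131 is the bytes "1Aa2". */
long offset_from_eip(size_t n, uint32_t eip)
{
    char bytes[4];
    for (int i = 0; i < 4; i++) bytes[i] = (char)(eip >> (8 * i));
    return pattern_offset(n, bytes, 4);
}

int main(void)
{
    struct layout l = probe_layout();
    printf("tableau10 - tableau5 = %td bytes, frame base - tableau10 = %td bytes\n",
           l.between, l.to_frame);
    /* Constructed crash value: pretend gdb reported EIP = 0x32614131. */
    printf("offset of EIP bytes in a 64-byte pattern: %ld\n",
           offset_from_eip(64, 0x32614131u));
    return arrays_disjoint(l) ? 0 : 1;
}
```

Run the probe under each compiler you have and compare the two printed distances with the "sub $0x10,%esp" / "sub $0x28,%esp" prologues from the first post: the gap between the arrays and the gap up to the frame base is where those 16 or 40 bytes go, and it is exactly the number a hardcoded exploit bakes in. The second half is the portable alternative: send the pattern as the overflow input, read the faulting EIP (or saved frame pointer) in gdb, and feed it to offset_from_eip() to get the offset for that build rather than for the gcc the tutorial author happened to use.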
 
  

