According to John D. Hardin:
>
>(to continue the topic drift, and throw some ideas into the pot...)
>
>I wonder how feasible it would be to modify GCC to generate code with two
>stacks (or something equivalent): one for local variables, the other for
>parameters and return addresses. Might moving the local variables away
>from the return addresses this way be a relatively cheap way to prevent
>buffer overflow exploits without having to recode all of the applications
>or using expensive bounds-checking?
>

It would be nice apart from the fact that Intel processors make the
concept inordinately difficult to implement. Other CPU manufacturers
have had multiple general purpose stack registers for ages. Motorola
had them in the 6809 even and they were used exactly in the manner
suggested by the compiler we were using at the time...

>Or how about allocating space for all local variables from the system heap
>automatically and transparently rather than placing them on the stack?
>

Managing memory on the heap will then be a major pain since it will
need to be done for each function call. This would mean a major
performance hit.

>Or how about automatically allocating space just for local strings? This
>would take care of buffer overflows with minimal impact, wouldn't it?
>

In some languages, notably C, the concept of a string is a slippery
thing. This is what the debate regarding
C/Modula2/Ada/anythingbutgoddamC was about.

--
Brett Lymn, Computer Systems Administrator, British Aerospace Australia
===============================================================================
And the monks would cry unto them, "Keep the bloody noise down!"
        - Mort, Terry Pratchett.
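
The two-stack layout discussed in this message, modelled as an added example that is not part of the original post: the stacks are simulated as byte arrays so the out-of-bounds copy stays inside memory the program owns. All names and values (struct machine, RET_MAGIC, LOCAL_FLAG, the 16-byte buffer) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN    16            /* size of the local buffer */
#define RET_MAGIC  0x0804c0deu   /* constructed stand-in for a saved return address */
#define LOCAL_FLAG 0x5au         /* constructed value of a neighbouring local */

/* Simulated memory: the "overflow" stays inside arrays this program owns. */
struct machine {
    unsigned char data_stack[64];  /* locals (and, in the single-stack layout, return slots) */
    unsigned char ctrl_stack[16];  /* return addresses only (the proposed second stack) */
};

static void put_ret(unsigned char *slot) { uint32_t v = RET_MAGIC; memcpy(slot, &v, sizeof v); }
static int ret_intact(const unsigned char *slot) { uint32_t v; memcpy(&v, slot, sizeof v); return v == RET_MAGIC; }

/* Stand-in for an unchecked strcpy(): copies n bytes into the 16-byte buffer at data_stack[0]. */
static void unchecked_copy(struct machine *m, const unsigned char *src, size_t n) {
    if (n > sizeof m->data_stack) n = sizeof m->data_stack;  /* keep the simulation in bounds */
    memcpy(m->data_stack, src, n);
}

/* Single stack: the return slot sits directly above the buffer. Returns 1 if it survives. */
int ret_survives_single_stack(const unsigned char *in, size_t n) {
    struct machine m = {0};
    put_ret(m.data_stack + BUF_LEN);
    unchecked_copy(&m, in, n);
    return ret_intact(m.data_stack + BUF_LEN);
}

/* Two stacks: the return slot lives on ctrl_stack, out of reach of the copy. */
int ret_survives_split_stack(const unsigned char *in, size_t n) {
    struct machine m = {0};
    put_ret(m.ctrl_stack);
    unchecked_copy(&m, in, n);
    return ret_intact(m.ctrl_stack);
}

/* Two stacks, but another local sits above the buffer: it is still overwritten. */
int neighbour_local_survives_split_stack(const unsigned char *in, size_t n) {
    struct machine m = {0};
    m.data_stack[BUF_LEN] = LOCAL_FLAG;
    unchecked_copy(&m, in, n);
    return m.data_stack[BUF_LEN] == LOCAL_FLAG;
}

int main(void) {
    unsigned char in[24]; memset(in, 'A', sizeof in);  /* constructed 24-byte input */
    printf("single: %d split: %d neighbour: %d\n", ret_survives_single_stack(in, sizeof in),
           ret_survives_split_stack(in, sizeof in), neighbour_local_survives_split_stack(in, sizeof in));
    return 0;
}
```

The third function shows the limit of the scheme: moving return addresses to their own stack leaves other locals on the data stack exposed to the same overflow.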
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:10:43 PDT