[12754] in bugtraq
Re: WordPad/riched20.dll buffer overflow
daemon@ATHENA.MIT.EDU (Pavel Machek)
Mon Nov 29 13:54:58 1999
Message-Id: <19991127222410.I220@bug.ucw.cz>
Date: Sat, 27 Nov 1999 22:24:10 +0100
Reply-To: Pavel Machek <pavel@SUSE.CZ>
From: Pavel Machek <pavel@SUSE.CZ>
X-To: Christopher Rhodes <chrisr@VERIMAIL.COM>,
BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.10.9911261358400.13522-100000@bach>; from Christopher
Rhodes on Fri, Nov 26, 1999 at 02:06:26PM -0700
Hi!
> The 386 and up supports no-exec, but only on differing segments. Most OS
> systems aren't properly implemented on the 386+ architecture. The 386+
> supports read-only pages in the paging architecture, but to separate
> executable code from stack and data, you have to point the segment
> registers at differing memory areas. If they overlap, which simplifies
> memory management, then the code, data and stack are all shared. An
> entire segment, according to the Intel documentation, can be set aside as
> non-executable.
It not only simplifies code, it also makes it faster. Segments are
obsolete, and Intel knows that.
Pavel
--
I'm really pavel@ucw.cz. Look at http://195.113.31.123/~pavel. Pavel
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
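
Added example, not part of the original message: a C decoder for the 8-byte IA-32 segment descriptor that checks whether a data/stack segment overlaps an executable code segment, which is the flat-versus-split layout trade-off discussed in the thread. The four descriptor values and the function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample descriptors (not taken from any particular OS). */
static const uint64_t FLAT_CODE  = 0x00CF9A000000FFFFULL; /* exec, base 0, 4 GB */
static const uint64_t FLAT_DATA  = 0x00CF92000000FFFFULL; /* data, base 0, 4 GB */
static const uint64_t SPLIT_CODE = 0x00C09A000000FFFFULL; /* exec, 0..0x0FFFFFFF */
static const uint64_t SPLIT_DATA = 0x10C092000000FFFFULL; /* data, 0x10000000.. */

struct seg {
    uint64_t base, last; /* first and last linear address covered */
    int present, exec;   /* P bit; S=1 with type bit 3 set means code */
};

/* Unpack base, limit, granularity and type from an 8-byte descriptor.
   Expand-down data segments are not handled here. */
static struct seg decode(uint64_t d) {
    struct seg s;
    uint64_t limit = (d & 0xFFFF) | ((d >> 32) & 0xF0000);
    if ((d >> 55) & 1)                    /* G=1: limit counts 4 KB pages */
        limit = (limit << 12) | 0xFFF;
    s.base = ((d >> 16) & 0xFFFFFF) | ((d >> 32) & 0xFF000000ULL);
    s.last = s.base + limit;
    s.present = (int)((d >> 47) & 1);
    s.exec = (int)((d >> 44) & 1) && (int)((d >> 43) & 1);
    return s;
}

/* 1 if any byte of the data/stack segment can also be fetched through the
   code segment, i.e. the segment-level no-exec separation is lost. */
static int data_reachable_via_code(struct seg code, struct seg data) {
    if (!code.present || !data.present || !code.exec)
        return 0;
    return code.base <= data.last && data.base <= code.last;
}

int main(void) {
    printf("flat layout:  data executable via CS = %d\n",
           data_reachable_via_code(decode(FLAT_CODE), decode(FLAT_DATA)));
    printf("split layout: data executable via CS = %d\n",
           data_reachable_via_code(decode(SPLIT_CODE), decode(SPLIT_DATA)));
    return 0;
}
```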