03-01-04, 08:52 PM   #13

To clarify my earlier post, explaining the importance of per-page permissions in the AMD64 implementation...

On IA32, if a page is writable it's also executable, meaning once the overflow happens you just have to find a way to make EIP point to the overflow area to execute your code. What AMD64 (and everyone else that's not IA32 compatible) does is include an extra security bit that allows you to set pages writable but not executable, so even though the overflow still happens and the app crashes, there's no chance to execute code from the overflow. Userland programmers don't see any difference; the kernel is what manages the page permissions.
SnapIT
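The per-page permissions described in the post above can be inspected from userland. This is an added example, not part of the original post: it assumes Linux and its `/proc/self/maps` listing, and the helper names `page_perms` and `map_data_page` are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE          /* exposes MAP_ANONYMOUS under strict -std modes */
#endif
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>

/* Copy the permission field (e.g. "rw-p") of the mapping that contains
   addr, as listed in /proc/self/maps. Returns 0, or -1 if not found. */
int page_perms(const void *addr, char out[5])
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[5];
    unsigned long lo, hi;
    int rc = -1;

    if (!f) return -1;
    while (rc != 0 && fgets(line, sizeof line, f)) {
        /* Each entry starts with "start-end perms ..." in hex. */
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) != 3) continue;
        if ((uintptr_t)addr >= lo && (uintptr_t)addr < hi) {
            memcpy(out, perms, sizeof perms);
            rc = 0;
        }
    }
    fclose(f);
    return rc;
}

/* Map one anonymous page the way a data buffer is mapped: read/write only. */
void *map_data_page(void)
{
    void *p = mmap(NULL, 4096, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

int main(void)
{
    char stack_buf[64] = "constructed sample data";
    char perms[5];
    void *data = map_data_page();

    /* Data areas should show 'w' without 'x'; code shows 'x' without 'w'. */
    if (page_perms(stack_buf, perms) == 0) printf("stack buffer : %s\n", perms);
    if (data && page_perms(data, perms) == 0) printf("data page    : %s\n", perms);
    if (page_perms((void *)page_perms, perms) == 0) printf("program code : %s\n", perms);
    return 0;
}
```

The listing shows the permissions the kernel has assigned to each mapping; whether "writable but not executable" is actually enforced depends on the CPU providing the no-execute bit the post describes.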