Marco A.
Reputation: 43662
Buffer overflow: writing code to stack and executing there
I know what a buffer overflow is and I know that (without DEP), often stack return addresses are overwritten with an address pointing somewhere in data or code sections.. but what if the stack return address were overwritten with another stack address overwritten with executable code? Would DEP be still effective in that case? "Data Execution prevention" sounds like only the "Data" section is effectively protected
Upvotes: 2
Views: 276
Answers (1)
David Heffernan
Reputation: 613582
DEP prevents execution of code on the stack, as well as the heap. In other words, the stack is viewed as being data.
Upvotes: 4
Related Questions
- Buffer overflow exploit
- Exploiting a Stack Buffer Overflow
- How to exploit a buffer overflow to execute instructions on the stack
- Simple Buffer Overflow Exploit
- Buffer overflow vulnerability
- Stack Overflow Exploit in C
- Stack-based overflow code from Hacking: The Art of Exploitation
- Is it possible to inject code into stack on x86-64
- Question with stack smashing protection and buffer overflows
- about buffer overflow