Why don't stacks grow upwards (for security)?

Posted by AshleysBrain on Stack Overflow See other posts from Stack Overflow or by AshleysBrain
Published on 2010-04-30T12:35:31Z Indexed on 2010/04/30 12:47 UTC
Read the original article Hit count: 306

Filed under:

cpu

|

architecture

|

stack

|

security

|

x86

This is related to the question 'Why do stacks typically grow downwards?', but more from a security point of view. I'm generally referring to x86.

It strikes me as odd that the stack would grow downwards, when buffers are usually written to upwards in memory. For example a typical C++ string has its end at a higher memory address than the beginning.

This means that if there's a buffer overflow you're overwriting further up the call stack, which I understand is a security risk, since it opens the possibility of changing return addresses and local variable contents.

If the stack grew upwards in memory, wouldn't buffer overflows simply run in to dead memory? Would this improve security? If so, why hasn't it been done? What about x64, do those stacks grow upwards and if not why not?

© Stack Overflow or respective owner

Related posts about cpu

Speedstep and Intel x5570?

as seen on Server Fault - Search for 'Server Fault'
Hi, My new server has 2 x X5570 CPUs. Now here is the output of grep -i hz /proc/cpuinfo model name : Intel(R) Xeon(R) CPU X5570 @ 2.93GHz cpu MHz : 1600.231 model name : Intel(R) Xeon(R) CPU X5570 @ 2.93GHz cpu MHz : 1600.231 model name : Intel(R) Xeon(R) CPU … >>> More
VMware ESXi - varying CPU time (CPU reservation)

as seen on Server Fault - Search for 'Server Fault'
Hello! I'm running FreeBSD 7.2 under VMware ESXi 3.5. Host has 2 physical CPUs and the BSD box is currently the only running VM. Only one virtual CPU is assigned to the VM. When measuring CPU time of a specific program, I get very different results from time to time. Processor usage is reported… >>> More
How to calculate CPU % based on raw CPU ticks in SNMP

as seen on Server Fault - Search for 'Server Fault'
According to http://net-snmp.sourceforge.net/docs/mibs/ucdavis.html#scalar_notcurrent ssCpuUser, ssCpuSystem, ssCpuIdle, etc are deprecated in favor of the raw variants (ssCpuRawUser, etc). The former values (which don't cover things like nice, wait, kernel, interrupt, etc) returned a percentage… >>> More
disparity between `top`'s given CPU % and process CPU usage total

as seen on Super User - Search for 'Super User'
I've noticed that there are sometimes (large) differences between the reported total CPU usage and a summation of the per-process CPU utilization given by apps like top and wmtop. As an example: I recently ran a git filter-branch --index-filter on a fairly large repo, with the index-filter command… >>> More
How to read oom-killer syslog messages?

as seen on Server Fault - Search for 'Server Fault'
I have a Ubuntu 12.04 server which sometimes dies completely - no SSH, no ping, nothing until it is physically rebooted. After the reboot, I see in syslog that the oom-killer killed, well, pretty much everything. There's a lot of detailed memory usage information in them. How do I read these logs… >>> More

Related posts about architecture

3-tier architecture v. 3-server architecture

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm building a traditional .NET MVC site, so I've got a natural 3-tier software architecture setup (presentation in the form of Views, business layer in the controller, and data layer in the models and data access layer). When I've deployed such sites, it usually goes either on one server (where… >>> More
"cloud architecture" concepts in a system architecture diagrams

as seen on Stack Overflow - Search for 'Stack Overflow'
If you design a distributed application for easy scale-out, or you just want to make use of any of the new “cloud computing” offerings by Amazon, Google or Microsoft, there are some typical concepts or components you usually end up using: distributed blob storage (aka S3) asynchronous, durable message… >>> More
Is the PowerPC (G4) architecture better than Intel x86 architecture for certain types of application

as seen on Super User - Search for 'Super User'
I have a PowerMac G4 from around the year 2000. It's a serviceable Unix machine but I don't do much with it since I have plenty of Pentium 4 machines around with Linux on them. I was wondering if the PowerPC based machine is capable of handling certain tasks faster or "better" than Intel based machines… >>> More
SAAS architecture and salesforce database architecture

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am architecting a software project and I want to create a SAAS (Software As a service) one. I want to model my application along the lines of Salesforce. I really like there customization features but I am not sure how they really go about it. I read that they create an ID for every… >>> More
Is there a Telecommunications Reference Architecture?

as seen on Oracle Blogs - Search for 'Oracle Blogs'
@font-face { font-family: "Arial"; }@font-face { font-family: "Courier New"; }@font-face { font-family: "Wingdings"; }@font-face { font-family: "Cambria"; }p.MsoNormal, li.MsoNormal, div.MsoNormal { margin: 0cm 0cm 0.0001pt; font-size: 12pt; font-family: "Times New Roman"; }p.MsoListParagraph… >>> More