Turning a SIGSEGV into a regular function call under Linux, allowing throw

FeepingCreature default_357-line at yahoo.de
Wed Mar 14 13:54:02 PDT 2012


On 03/14/12 21:08, Don Clugston wrote:
> 
> I didn't realize that was possible. Very interesting.
> As it stands, though, that's got some pretty serious issues.
> 
> You are on the stack of the function that was called, but you don't know for sure that it is a valid stack.
> 
> asm {
>     push EBX;
>     mov EBX, ESP;
>     mov ESP, 0;    // Look ma, no stack!
> 
>     mov int ptr [ESP], 0; // segfault -- null pointer exception
> 
>     mov ESP, EBX;
>     pop EBX;
> }
> 
> Now, your user space handler will cause another segfault when it does the mov [ESP], 0. I think that gives you an infinite loop.
> 

I think that case is sufficiently rare that it'd have to count somewhere between "act of god" and "outright developer malice". The assumption that the stack frame is valid is, I'd say, safe to make in the vast majority of cases. You pretty much have to actively try to break it, for no clearly discernible reason.
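For readers who want to see what the two cases in this exchange look like in practice, here is an added example (not code from either poster, and not D) in C for Linux x86-64 with glibc. It turns a SIGSEGV into a call of an ordinary function, `thrower`, by rewriting the saved context, and it handles Don's "no stack" case by running the handler on an alternate signal stack and probing whether the faulting RSP is usable before redirecting; an unusable stack ends the process instead of looping. The fallback `REG_*` values, the 64 KiB alternate stack, the pipe-based mapping probe and the exit status 42 are this example's own choices, and the child process that zeroes RSP is a constructed reproduction of the `mov ESP, 0` scenario from the quoted post.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <ucontext.h>
#include <unistd.h>

#ifndef REG_RIP  /* glibc x86-64 gregs indices (assumed) in case _GNU_SOURCE came too late */
#define REG_RDI 8
#define REG_RSP 15
#define REG_RIP 16
#endif

#define BAD_STACK_EXIT 42                  /* exit status when the faulting frame has no usable stack */

static sigjmp_buf g_recover;
static volatile uintptr_t g_last_fault;
static int g_probe[2] = {-1, -1};          /* pipe used to test whether memory is mapped */
static volatile uintptr_t g_bad_addr = 0;  /* constructed: hides NULL from the optimiser */

/* Async-signal-safe check that 8 bytes at addr are mapped: a pipe write copies from
 * user memory and fails with EFAULT if it is not (a /dev/null write would not copy). */
static int slot_mapped(uintptr_t addr) {
    uint64_t scratch;
    if (write(g_probe[1], (const void *)addr, 8) != 8) return 0;
    return read(g_probe[0], &scratch, 8) == 8;  /* drain what we queued */
}

/* The ordinary function the fault becomes. It runs after sigreturn, so the signal
 * mask is already restored and it is free to longjmp (or, in D, to throw). */
static void thrower(uintptr_t fault_addr) {
    g_last_fault = fault_addr;
    siglongjmp(g_recover, 1);
}

static void segv_handler(int sig, siginfo_t *si, void *ctx) {
    ucontext_t *uc = ctx;
    uintptr_t rip = (uintptr_t)uc->uc_mcontext.gregs[REG_RIP];
    uintptr_t rsp = (uintptr_t)uc->uc_mcontext.gregs[REG_RSP];
    (void)sig;
    rsp -= 128;             /* stay clear of the SysV red zone below RSP */
    rsp &= ~(uintptr_t)15;  /* 16-byte alignment the ABI expects before a call */
    rsp -= 8;               /* slot for the return address a real call would push */
    if (!slot_mapped(rsp)) {
        /* Don's case: RSP points nowhere. Redirecting would fault again, so stop here. */
        static const char msg[] = "SIGSEGV with unusable stack pointer\n";
        write(STDERR_FILENO, msg, sizeof msg - 1);
        _exit(BAD_STACK_EXIT);
    }
    *(uintptr_t *)rsp = rip;                                        /* fake return address */
    uc->uc_mcontext.gregs[REG_RSP] = (greg_t)rsp;
    uc->uc_mcontext.gregs[REG_RDI] = (greg_t)(uintptr_t)si->si_addr; /* first argument */
    uc->uc_mcontext.gregs[REG_RIP] = (greg_t)(uintptr_t)thrower;
}

/* Installs the handler on an alternate stack so it can run even when RSP is garbage. */
int install_handler(void) {
    if (g_probe[0] < 0 && pipe(g_probe) != 0) return -1;
    stack_t ss = { .ss_sp = malloc(64 * 1024), .ss_size = 64 * 1024, .ss_flags = 0 };
    if (!ss.ss_sp || sigaltstack(&ss, NULL) != 0) return -1;
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = segv_handler;
    sa.sa_flags = SA_SIGINFO | SA_ONSTACK;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* Normal case: null store on a valid stack. Returns 1 if control came back via thrower. */
int try_null_write(void) {
    if (sigsetjmp(g_recover, 1) == 0) {
        int *p = (int *)g_bad_addr;
        *p = 1;         /* SIGSEGV here */
        return 0;       /* not reached */
    }
    return 1;
}

uintptr_t last_fault_address(void) { return g_last_fault; }

/* Don's case, in a child so the parent survives: zero RSP, then store through it.
 * Returns the child's exit status; BAD_STACK_EXIT means the handler bailed out cleanly. */
int demo_bad_stack(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        install_handler();
        __asm__ volatile("xor %%rsp, %%rsp\n\tmovl $0, (%%rsp)" ::: "memory");
        _exit(1);       /* not reached */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    if (install_handler() != 0) return 1;
    printf("null write recovered: %d, fault address %#lx\n", try_null_write(),
           (unsigned long)last_fault_address());
    printf("child with RSP=0 exited with status %d\n", demo_bad_stack());
    return 0;
}
```

The red-zone skip, the 16-byte alignment and the pushed return address matter: without them `thrower` runs in a frame the ABI does not expect, which is the kind of thing that works until the callee uses an aligned SSE store. The mapping probe is what keeps the handler from re-faulting on a bad RSP; SA_ONSTACK is what lets it run at all in that case.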


More information about the Digitalmars-d mailing list