what is exactly stack stomp "-gx" new switch ?
Ali Çehreli via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Tue Jul 15 16:56:56 PDT 2014
On 07/15/2014 04:33 PM, bearophile wrote:
> Klb:
>
>> ...and any example where this switch will be usefull ?
>
> I guess it was added to D in the spirit of "If you have to ask what it
> is, then you don't need to use it".
>
> More seriously, I too would like more documentation about its use cases.
>
> Bye,
> bearophile
Just from the name of it, it sounds like the program stack will be
cleared at certain times, likely when exiting functions, to clear
sensitive information. And my test supports that idea.
Here is some malicious function trying to read data from the stack's
earlier contents:
import std.stdio;
void foo(char c)
{
char buffer[100];
foreach (ref b; buffer) {
b = c;
}
}
void malicious()
{
char buffer[100] = void;
writeln("Let's see what we'll find on the stack...");
foreach (b; buffer) {
write(b);
}
writeln;
}
void main()
{
foo('a');
malicious();
}
When I run the program without -gx, malicious() prints the contents that
are left from foo()'s execution.
Ali
More information about the Digitalmars-d-learn
mailing list