From owner-freebsd-security Sun Mar 24 14:25:54 2002 Delivered-To: freebsd-security@freebsd.org Received: from k6.locore.ca (k6.locore.ca [198.96.117.170]) by hub.freebsd.org (Postfix) with ESMTP id 9D2FE37B405 for ; Sun, 24 Mar 2002 14:25:49 -0800 (PST) Received: (from jake@localhost) by k6.locore.ca (8.11.6/8.11.6) id g2OMZH913494; Sun, 24 Mar 2002 17:35:17 -0500 (EST) (envelope-from jake) Date: Sun, 24 Mar 2002 17:35:16 -0500 From: Jake Burkholder To: Andrew Griffiths Cc: security@FreeBSD.ORG Subject: Re: page fault. Message-ID: <20020324173516.V90182@locore.ca> References: <200203242143.g2OLh4523143@franklin.nt.tas.gov.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200203242143.g2OLh4523143@franklin.nt.tas.gov.au>; from nullptr@tasmail.com on Mon, Mar 25, 2002 at 08:43:05AM +1100 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Apparently, On Mon, Mar 25, 2002 at 08:43:05AM +1100, Andrew Griffiths said words to the effect of; > Hello, > > While testing some code to show the stack ranges on systems, I noticed that freebsd wouldn't segfault when it accessed memory below esp, or the stack bottom. > > Not sure whether its a problem, but I think its worth noting. You mean numerically higher addresses than %esp? Like this? int main(void) { volatile int *v; int a; for (v = &a;; v++) printf("%p: %#x\n", v, *v); } I depends how far you go. A bunch of stuff is copied out to the top of the stack by the kernel so you have some slush to work through. In either direction you'll eventually get a segfault (sigbus in the above case because you run into kernel address space). > > Andrew Griffiths > > -- > www.tasmail.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message