What hardware or software solutions can be used to prevent of stack overflows?_问答_开发者

What hardware or software solutions can be used to prevent of stack overflows?

开发者 https://www.devze.com 2023-02-19 14:37 出处：网络

What is 开发者_运维技巧the hardware solution for prevention of stack overflow? For example, when we want to design a new operating system, how can we prevent stack overflows?

Thank you

If code can be statically confirmed not to have any direct or indirect recursion, static analysis can yield a worst-case stack usage. Make sure the stack is big enough and there won't be any stack overflow. The biggest difficulty is that it may be hard to determine which functions can be called by which function pointers. For example, if one function pointer can point to foo1() or foo2(), another can point to bar1() or bar2(), and foo1() calls the second function pointer (thus reaching bar1 or bar2) there would be no possibility of recursion, but if the compiler can't determine that the second pointer can only point to bar1() or bar2() it might not know that.

If an application can be determined to be non-recursive, and if the static-analysis worst-case call-graph isn't too much worse than what can actually happen, it may be possible to avoid the stack entirely and allocate all variables statically. In some cases (especially on architectures without efficient indexing) this approach may substantially improve performance compared with using a stack.

From a security standpoint, a good means of avoiding stack/buffer overflow exploits is to avoid storing real program-counter addresses anywhere that "normal" pointers can access. Store the program-counter stack entirely separately from the parameter/auto-variable stack, and don't store any function pointers directly. Instead have every "function pointer" be an index into a table of functions having the same signature, and check the index to ensure it's in range before using it; if two or more groups of functions have different security implications and should be called by completely different pointers, tweak the signature of one group if needed to make it different from the other (so a calls to a function in the first group can't be converted to a call to a function in the second).

The Harvard Architecture provides some protection from stack overflow attacks. Are Harvard architecture computers immune to arbitrary code injection and execution attacks?

But, at the OS level you might want to consider having a non-executable stack.

You may be surprised, but one of the options is stackless hardware architecture (either real or emulated) (discussed here). Apparently, no stack - no stack overflows.

Some microcontrollers provide for a hardware trap when the stack is at a predefined threshold. This can either be used to shutdown gracefully, or to page the stack out to external RAM and start afresh. There's a similar "underflow" trap to page the old stack back in.