From: Frederico Silva Correa <fscorrea@inf.ufrgs.br>
To: libc-alpha@sourceware.org
Subject: clone() and Glibc
Date: Thu, 30 Mar 2023 20:35:16 -0300 [thread overview]
Message-ID: <9b0e446e29a20f2ad1903e5cf681bffa@inf.ufrgs.br> (raw)
Dear developers of the GNU libc:
At the quality of a novice, recently graduated in CS (despite familiarized
with both C and C++), I found myself puzzled by a little issue.
Glibc provides a wrapper for the clone() system call, which receives
parameters in the following order:
- a pointer to the function "func" to be run by the child thread;
- a base address for the child stack (we'll be back here), since I'm passing
CLONE_VM, therefore sharing memory thus unable to reuse the parent thread's
stack addresses;
- 0x100 or the flag CLONE_VM;
- a pointer to the arguments to be passed to "func" and run with the child
thread.
Automatic storage local variables are usually placed into the stack, which
remains more or less a fixed value, decided when the application is run, is
that correct?
Very well. What, then, would be a stack frame whose "base address" I myself
malloc'd (at the HEAP) then arbitrarily decided that space --- again, a
priori in the heap --- to be treated like a stack frame pertaining to the
child thread.
How am I supposed to interpret all of this? The space allocated at the heap
need to be freed in the first place? Is this so-called "stack" on the heap?
Or is it a regular stack frame? What about the potential threatens related to
e.g. ret2plt and format string attacks?
I'd be very pleased to have these questions clarified, both as a language
enthusiast and as an user with security worries.
Thanks in advance.
--
Frederico Corrêa - 118775
next reply other threads:[~2023-03-30 23:35 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-30 23:35 Frederico Silva Correa [this message]
2023-03-31 12:52 ` Adhemerval Zanella Netto
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9b0e446e29a20f2ad1903e5cf681bffa@inf.ufrgs.br \
--to=fscorrea@inf.ufrgs.br \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).