The program below is implemented with the sole intention to show how to use procedures as parameters to procedures. However, it works when compiled with SUN Workshop Pascal but not when compiled with GNU Pascal. When trying to start it when compiled with GNU Pascal (version 20010623 on a Solaris 8, Ultra 5) I get the following error message:
Oct 26 17:05:11 serafim.nada.kth.se genunix: NOTICE: test[4264] attempt to execute code on stack by uid 1167
Segmentation Fault
Here is the program:
--------
PROGRAM test(input,output);
CONST
  low = 1;
  high = 10;
TYPE
  index = low..high;
  natural = 0..Maxint;
  item = natural;
  intTable = ARRAY [index] OF item;

VAR
  table : intTable;

PROCEDURE doToEach(VAR t: intTable; PROCEDURE toDo(VAR i: item));
  PROCEDURE iter(n: index);
  BEGIN
    toDo(t[n]);
    IF n < high THEN iter(Succ(n))
  END;
BEGIN
  iter(low)
END;

FUNCTION sum(VAR t: intTable): item;
VAR
  tmpSum: item;
  PROCEDURE addItem(VAR i: item);
  BEGIN
    tmpSum := tmpSum + i
  END;
BEGIN
  tmpSum := 0;
  doToEach(t, addItem);
  sum := tmpSum
END;

PROCEDURE readTable(VAR t: intTable);
  PROCEDURE readItem(VAR i: item);
  BEGIN
    Read(i)
  END;
BEGIN
  doToEach(t, readItem)
END;

BEGIN
  Write('Enter ten numbers ');
  readTable(table);
  Writeln('The sum is ', sum(table):1);
END.
-------------
Now to my questions:
1. Is it the case that code actually executes on the stack?
2. If you say yes to 1., is it possible to compile GPC in a way that avoids this?

The systems group at my job is not likely to back on security issues. The 'noexec_user_stack' flag is set on all computers in the network. I hope that it is possible as I am using GPC in a course and I don't like to go back to SUN Pascal, which I consider as inferior to GPC.
Regards,
Serafim Dahl
Dept. of Comp.Sci. at The Royal Institute of Technology in Stockholm.
Serafim Dahl wrote:
[...]
> Now to my questions:
> 1. Is it the case that code actually executes on the stack?
Yes (a few instructions, a so called "trampoline" is temporarily built and executed on the stack when local routines are used as procedural parameters).
> 2. If you say yes to 1., is it possible to compile GPC in a way that avoids this?
I'm not really familiar with this, but there seems to be code for this problem for the 64 bit Sparc V9 configuration. I'm not sure if your hardware is of this type. If so, you might want to try something like `--target=sparcv9-sun-solaris2' when configuring (and then rebuilding) GPC. (This assumes gcc 2.95.x is used.)
If not, it might help to copy the definition of TRANSFER_FROM_TRAMPOLINE from gcc/config/sparc/sol2-sld-64.h to the appropriate file used for your system in the same directory (configure should tell you which one: "Using ... as target machine macro file"). But this is untested ...
Otherwise, write again. I think, using some extra runtime code should be possible then ...
> The systems group at my job is not likely to back on security issues. The 'noexec_user_stack' flag is set on all computers in the network.
Though as far as I was told in a security workshop, this is almost snake oil (i.e., it prevents certain out-of-the-box attacks, but leaves other possibilities for attacks if the program is vulnerable to buffer overruns etc. at all, so it will be only a matter of time until the script kiddies have upgraded their tools), but anyway ...
Frank
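
The trampoline discussed in this thread, shown from the other side as an added example in C (not code from the thread and not GPC's implementation): the posted sum/doToEach pair with the procedural parameter passed as an explicit descriptor of code address plus static link, so no instructions are ever written to the stack. The names proc_param, sum_frame and demo_sum are assumptions made for this illustration.

```c
#include <stdio.h>

#define LOW  1
#define HIGH 10

typedef unsigned item;
typedef item int_table[HIGH + 1];   /* indices LOW..HIGH used, as in the Pascal program */

/* A procedural parameter as two words: the routine's code address and the
   frame of the routine it is nested in (its static link). A trampoline is
   what lets a compiler pass both behind a single plain code pointer. */
typedef struct {
    void (*code)(void *static_link, item *i);
    void *static_link;
} proc_param;

/* iter and doToEach from the posted program; toDo is called via the descriptor */
static void iter(int_table t, proc_param to_do, int n)
{
    to_do.code(to_do.static_link, &t[n]);
    if (n < HIGH)
        iter(t, to_do, n + 1);
}

static void do_to_each(int_table t, proc_param to_do)
{
    iter(t, to_do, LOW);
}

/* The part of sum's frame that the nested addItem reaches. */
struct sum_frame { item tmp_sum; };

static void add_item(void *static_link, item *i)
{
    struct sum_frame *f = static_link;   /* follow the static link */
    f->tmp_sum += *i;
}

item sum(int_table t)
{
    struct sum_frame frame = { 0 };
    proc_param p = { add_item, &frame };  /* data only, nothing executable */
    do_to_each(t, p);
    return frame.tmp_sum;
}

/* Constructed input: the numbers 1..10 instead of values read from stdin. */
item demo_sum(void)
{
    int_table table = { 0 };
    for (int n = LOW; n <= HIGH; n++)
        table[n] = (item)n;
    return sum(table);
}

int main(void)
{
    printf("The sum is %u\n", demo_sum());
    return 0;
}
```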