--- In [email protected], "Pedro Izecksohn" <izecks...@...> wrote: > > I found that static data is executable on some platform.
FYI CentOS 5 (linux): Compiled with gcc version 4.1. Now I'll try to overwrite the beginning of main (int, char **). It caused a SIGSEGV. Continuing. Now I'll try to call a piece of static global data located at 0x804897b. Succeeded. Now I'll try to call a piece of malloced data located at 0x881f008. It caused a SIGSEGV. Continuing. Now I'll try to call a piece of stacked data located at 0xbf9a7113. It caused a SIGSEGV. Continuing. I guess it could be a security risk, like running any 'unknown' code.
