Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have seen that ARM uses a link register, and wondered is it unwritable by an user space malicious code?
I mean you can’t do a stackoverflow attack and override the return address on the stack (like in x86).
The link register makes it slightly harder to overwrite it with the user input, but definitely not impossible. The most common reason is nested functions: if you’re calling another function, you have to store the current LR somewhere since it will be clobbered by the call. The logical place for it is the stack, with the other saved registers, and that’s what most compilers do. Thus, a buffer overflow still can overwrite the saved LR, and the control transfer can happen when that saved value is popped and used to “return to the caller”.