using different bases for code, data and stack segments

using different bases for code, data and stack segments


I have a question regarding the memory models. As far as I know under windows, CS and DS "overlap" i.e. they have the same base address in the LDT.THe consequence is thatit is possible to dynamically generate code as data (thunking) and execute it.

My question is: is there a good reason why is mechanism built into IA32 since x386 not being used? in my mind, if entries in LDT for CS, DS and SS had different bases, with proper limits,there would be no possiblity of executing data or segment at all, thus improving security.

Are there any OS-s that run on intel platforms that actually separate those segments?

Thank you

3 posts / 0 new
Last post
For more complete information about compiler optimizations, see our Optimization Notice.

This question has made the rounds among our various technicalcontacts, but we haven't yet found any answers for you.

Are there others reading this who can provide input?


Lexi S.

IntelSoftware NetworkSupport

Contact us

This is a consequence of "Flat Model" programming where code and data lie within a unified address space.

Note, while by convention in "Flat Model" mode CS, DS and SS all map to the same virtual address it is up to the operating system to manage the virtual addres page tables. Newer revisions of the IA32 and EMT64 processors have added an Execute Disable bit to the page table entries. Thus on newer processors and on newer operating systems that use Execute Disable you can protect various address ranges (pages).

Since Windows XP SP2 you have the option of using Execute Disable

Jim Dempsey

Leave a Comment

Please sign in to add a comment. Not a member? Join today