StackSmashing is when an attacker purposely overflows a buffer on stack to get access to forbidden regions of computer memory. This is really bad. A stack smash is based upon these attributes of common implementations of C and C++:
The risks of StackSmashing attacks can be reduced by writing in a language that performs bounds checking on arrays and running daemons with restricted permissions. In a language like C, which does not perform bounds checking, you can use system calls to allocate a page to act as the buffer and deallocate the surrounding pages so that any attempt to read or write outside the buffer causes a hardware trap.
One of the earliest lessons in classes I taught to CeeLanguage students under my tutelage was that any input to a buffer that didn't explicitly have bounds checking (e.g. scanf()) was strengt verboten and any work submitted where this was detected was subject to grade penalties.
It wasn't about security in those days, just about really hard-to-catch bugs. Security was/is the happy by-product of such diligence.
Q: If I overflow the program's stack to kill the program, is that a stack smash?
A: No. Overflowing a program's stack as a denial of service attack is not a stack smash. A stack smash purposefully changes variables and internal language data structures that the deliverer of the data is not supposed to have access to. Also, a stack smash leaves the attacked programming running, at least for long enough to do the attacker's bidding.
Q: Is Java succeptible to stack smashing?
A: No, because (a) Java checks the bounds of array accesses (b) Java arrays are always allocated on the heap and (c) there is no way to write data of arbitrary length into primitive values on the Java stack.
Q: What kinds of programs get stack smashed?
A: Programs which process data received from the internet are especially vulnerable. Mail daemons are especially vulnerable, since they commonly run as root and process data of arbitrary length received from anyone on the internet. Sendmail is the canonical example of a vulnerable (and venerable) mail daemon.
Q: Does a program have to be recursive to be stack smashed?
A: No. It just has to not check the length of the data it received before storing it in a stack-based array.
Q: Are there stack smashing exploits that are specific to recursive programs?
A:
Q: Why should I know about stack smashing? Don't only bad guys need to know about it?
A: If you don't know how it works, you can't protect your own systems against it.
Q: Will you teach me how to stack smash so I can break into systems?
A: No. Go away.
For a linux defense against stack-smashing attacks, check out StackGuard at http://immunix.org
-- JohnWatson
Be careful not to confuse StackSmashing with SmackStashing.