Buffer Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu.
Compiler tools – Bounds checking
•Example: Attempts to add bounds checking to gcc
•Pros:
–Does not require modification of the source code, although you do still have to recompile
•Cons:
–Very significant decrease in performance: code size and execution time can double
–All of the programs that a systems administrator wants to protect must be recompiled
–Cannot prevent every possible buffer overflow
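The last con, as an added example that is not part of the original slides: a hand-written model of the check a bounds-checking compiler inserts, assuming bounds are tracked per object. `struct bounds`, `checked_copy` and `struct account` are hypothetical names; the code shows one overflow the check rejects and one, between fields of the same struct, that it lets through.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical record a bounds-checking compiler keeps per object (assumed model). */
struct bounds { const char *base; size_t size; };

/* Check inserted before every store: does [p, p+n) lie inside the object?
   Running this on each access is where the slowdown comes from. */
static int in_bounds(const struct bounds *b, const char *p, size_t n) {
    uintptr_t lo = (uintptr_t)b->base, a = (uintptr_t)p;
    return a >= lo && n <= b->size && a - lo <= b->size - n;
}

/* Returns 0 after copying, -1 if the store would leave the object. */
static int checked_copy(const struct bounds *b, char *dst, const char *src, size_t n) {
    if (!in_bounds(b, dst, n)) return -1;
    memcpy(dst, src, n);
    return 0;
}

struct account { char name[8]; int is_admin; };  /* constructed sample type */

/* Case 1: 12 bytes into a standalone 8-byte array. The check rejects it. */
int demo_out_of_object(void) {
    char buf[8];
    struct bounds b = { buf, sizeof buf };
    return checked_copy(&b, buf, "AAAAAAAAAAAA", 12);
}

/* Case 2: input longer than name[] but no longer than the struct. The store
   stays inside the object, so the check passes and is_admin is overwritten.
   name is at offset 0, so (char *)&acct is the address of acct.name. */
int demo_intra_object(void) {
    struct account acct = { "guest", 0 };
    struct bounds b = { (const char *)&acct, sizeof acct };
    char input[sizeof acct];              /* constructed oversized input */
    memset(input, 'A', sizeof input);
    int rc = checked_copy(&b, (char *)&acct, input, sizeof input);
    return rc == 0 && acct.is_admin != 0; /* 1 means the overflow went undetected */
}
```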