•Example: A patch for Linux that disables execution of code on the stack and also maps library function calls to addresses that contain a zero byte
•Pros:
–Currently, the most common and most devastating buffer overflow exploit is stack smashing, and this patch makes stack smashing much more difficult
–Does not require that existing software be modified or recompiled
–A zero byte in the address of a system call forces the attacker to have a null character in the attack string
•Cons:
–Does not prevent all stack smashing attacks: attack code can often be placed in global variables or on the heap, or library code that spawns a shell already exists in the code space (e.g., system() or execv())
–Crashing still leaves programs open to denial-of-service and core dump attacks
–A null character in just the right place in an attack string is not always impossible for an attacker to accomplish, and they can always jump to a small piece of code in variable space that contains a second jump to the desired location
–Some legitimate programs execute code on the stack, but very few, and there is a work-around for this
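The mitigation above only helps if the stack (and, per the first con, the heap and globals) is really mapped non-executable. The following C audit, an added example that is not part of the original slides, reads Linux's /proc/self/maps (assumed to be available and in the standard "start-end perms offset dev inode [path]" format) and reports whether the running process's stack is executable and how many mappings are both writable and executable.

```c
#include <stdio.h>
#include <string.h>

/* Parse one line of Linux's /proc/<pid>/maps
   ("start-end perms offset dev inode [path]").
   Copies the permission field into perms and the path (or "") into path.
   Returns 0 on success, -1 if the line does not match the format. */
int parse_maps_line(const char *line, char perms[8], char path[256])
{
    path[0] = '\0';
    if (sscanf(line, "%*lx-%*lx %7s %*s %*s %*s %255s", perms, path) < 1)
        return -1;
    return 0;
}

/* A region that is both writable and executable defeats the purpose of a
   non-executable stack: anything written there can be run directly. */
int perms_are_wx(const char *perms)
{
    return strchr(perms, 'w') != NULL && strchr(perms, 'x') != NULL;
}

/* Audit the calling process's own mappings. Returns the number of W+X
   regions and sets *stack_exec to 1 if the main stack is executable.
   Returns -1 when /proc/self/maps cannot be read (non-Linux system). */
int audit_self_mappings(int *stack_exec)
{
    char line[512], perms[8], path[256];
    int wx = 0;
    FILE *f = fopen("/proc/self/maps", "r");   /* assumes Linux procfs */
    if (stack_exec) *stack_exec = 0;
    if (!f) return -1;
    while (fgets(line, sizeof line, f)) {
        if (parse_maps_line(line, perms, path) != 0) continue;
        if (perms_are_wx(perms)) wx++;
        if (stack_exec && strcmp(path, "[stack]") == 0 && strchr(perms, 'x'))
            *stack_exec = 1;
    }
    fclose(f);
    return wx;
}

int main(void)
{
    int stack_exec;
    int wx = audit_self_mappings(&stack_exec);
    if (wx < 0) { puts("/proc/self/maps not available"); return 1; }
    printf("stack executable: %s, W+X regions: %d\n", stack_exec ? "yes" : "no", wx);
    return 0;
}
```

On a current Linux toolchain the stack is reported non-executable with zero W+X regions; a binary linked with an executable stack (the "work-around" case) shows up as "stack executable: yes".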