Buffer
Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu.
Compiler tools – Bounds checking
•Example: Attempts to add
bounds checking to gcc
•Pros:
–Does not require modification of the source code, although you do still have
to recompile
•Cons:
–Very significant decrease in performance, code size and execution time can
double
–All of the programs that a systems administrator wants to protect must be
recompiled
–Cannot prevent every possible buffer overflow