•Example: A kernel patch for Linux that disables execution of code on the stack and
maps shared library code to addresses that contain a zero byte
•Pros:
–Currently the most common and most devastating buffer-overflow exploit is
stack smashing, and this patch makes stack smashing much more difficult
–Does not require that existing software be modified or recompiled
–A zero byte in the address of a library function (such as system()) forces the attacker to
put a null character inside the attack string, which terminates the string-copying
routines (strcpy() and friends) that cause most of these overflows
•Cons:
–Does not prevent all stack-smashing attacks: attack code can often be placed in global
variables or on the heap instead, and library code that spawns a shell already exists
in the address space (e.g., system() or execv()), so the attacker can return into it
without executing anything on the stack
–Crashing still leaves programs open to denial-of-service and core dump
attacks
–Placing a null character at just the right spot in the attack string is not always
impossible for an attacker (strcpy() copies its terminating null, so one zero-byte
address can still be written as the final word of the string), and the attacker can
always jump to a small piece of code in data space that contains a second jump to the
desired location
–Some legitimate programs execute code on the stack (GCC nested-function trampolines
are the usual case), but very few, and there is a work-around for this
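The two cons about the zero byte (a null in the attack string, and the fact that the null can still land in the right place) are easiest to see by simulating the overflow itself. The following is an added example, not code from the original page or from the patch: it models a 32-bit stack frame as a byte array, builds the classic return-into-libc string (filler, fake saved EBP, target address, argument word), and copies it with strcpy() exactly as the vulnerable program would. The two libc addresses and the "/bin/sh" pointer are hypothetical values chosen so that one contains a zero high byte and the others contain no zero byte at all; the frame layout is a constructed model, not a real process image.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a 32-bit stack frame: a 16-byte buffer, the saved
 * frame pointer, the saved return address and the word above it, which a
 * return-into-libc call uses as the argument to system(). FRAME_LEN carries
 * four bytes of slack so the simulated copy never leaves the array. */
#define BUF_LEN   16
#define SLOT_EBP  (BUF_LEN)
#define SLOT_RET  (SLOT_EBP + 4)
#define SLOT_ARG  (SLOT_RET + 4)
#define FRAME_LEN (SLOT_ARG + 4 + 4)
#define PRISTINE  0xAA   /* fill byte so overwritten slots are recognisable */

/* Little-endian word helpers, explicit so the host's byte order does not matter. */
static void put32(unsigned char *dst, uint32_t v) {
    dst[0] = v & 0xff; dst[1] = (v >> 8) & 0xff;
    dst[2] = (v >> 16) & 0xff; dst[3] = (v >> 24) & 0xff;
}
static uint32_t get32(const unsigned char *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Build the return-into-libc string: filler up to the saved EBP, a fake EBP,
 * the address to return into, the argument word, then the NUL terminator. */
static void build_payload(unsigned char out[FRAME_LEN], uint32_t target, uint32_t arg) {
    memset(out, 'A', SLOT_EBP);
    put32(out + SLOT_EBP, 0x41414141u);
    put32(out + SLOT_RET, target);
    put32(out + SLOT_ARG, arg);
    out[SLOT_ARG + 4] = '\0';
}

/* The vulnerable copy. strcpy() stops at the first NUL in the payload, exactly
 * as the real bug does. Returns the number of bytes written, terminator included. */
static size_t overflow(unsigned char frame[FRAME_LEN], const unsigned char *payload) {
    memset(frame, PRISTINE, FRAME_LEN);
    strcpy((char *)frame, (const char *)payload);
    return strlen((const char *)payload) + 1;
}

/* One attack attempt. Return value: bit 0 set if the return address slot holds
 * the target, bit 1 set if the argument slot holds the argument. *copied (may
 * be NULL) receives how many bytes strcpy() actually wrote. */
int attempt(uint32_t target, uint32_t arg, size_t *copied) {
    unsigned char payload[FRAME_LEN], frame[FRAME_LEN];
    build_payload(payload, target, arg);
    size_t n = overflow(frame, payload);
    if (copied) *copied = n;
    int result = 0;
    if (get32(frame + SLOT_RET) == target) result |= 1;
    if (get32(frame + SLOT_ARG) == arg)    result |= 2;
    return result;
}

int main(void) {
    /* Hypothetical addresses: system() in a library mapped at a normal address,
     * system() in a library mapped with a zero high byte, and a "/bin/sh" string. */
    const uint32_t normal_system = 0x4003d160u;
    const uint32_t zerobyte_system = 0x0003d160u;
    const uint32_t binsh = 0xbffff7c0u;
    size_t n;
    int r = attempt(normal_system, binsh, &n);
    printf("unpatched: %zu bytes copied, ret %s, arg %s\n", n,
           (r & 1) ? "hit" : "missed", (r & 2) ? "hit" : "missed");
    r = attempt(zerobyte_system, binsh, &n);
    printf("patched:   %zu bytes copied, ret %s, arg %s\n", n,
           (r & 1) ? "hit" : "missed", (r & 2) ? "hit" : "missed");
    return 0;
}
```

With the normal address all 28 payload bytes arrive and both the return address and the argument word are under the attacker's control. With the zero-byte address strcpy() copies 23 bytes plus the terminator; because the terminator is itself the zero byte, the return address still lands intact, but the argument slot keeps its original contents. That is precisely the page's caveat: the patch does not stop a single return into system(), it stops the attacker from supplying anything after that address with a plain string-copy overflow.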