Buffer
Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle.
http://sfsecurity.pr.erau.edu.
Language tools
Examples: Java, Perl, Ada, Cyclone, or any language that is not as
susceptible to buffer overflows as C/C++, or
components/libraries for C/C++ that are less susceptible to buffer overflows
Pros:
•Use of better languages or
libraries will greatly ameliorate the buffer overflow
problem
Cons:
•The programmer still has to
be able to know how to handle long input strings –
Should the input be truncated? Rejected?
Should the buffer be
resized? Should the program
halt?
•C/C++ are popular languages and there are valid reasons
for using them
•Reused C code must be heavily
modified to use new libraries