Examples: adding automatic bounds checking to a C compiler, or protecting the return pointer (see StackGuard applet)
Pros:
• Adding automatic bounds checking to a C compiler can prevent many buffer overflows
• Protecting the return pointer virtually eliminates stack smashing, which is currently the most prevalent and disastrous kind of buffer overflow attack
Cons:
• There is a performance overhead, especially for adding bounds checking to C compilers
• Protecting the return pointer does not prevent heap-based attacks, denial-of-service attacks, or data corruption
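
The trade-off above can be seen in a small model. This is an added example, not code from StackGuard or from the original page: the frame layout, the names (`struct frame`, `simulate`, `is_admin`) and the fixed canary value are all assumptions made for illustration. It shows a guard word in front of the return pointer catching a long overrun, missing a short one that only corrupts a neighbouring variable, and a bounds check rejecting both.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CANARY 0xDEADC0DEu   /* constructed value; real canaries are randomized */

/* Constructed model of one stack frame (layout and names are assumptions). */
struct frame {
    char      buf[8];    /* local buffer the copy targets */
    uint32_t  is_admin;  /* neighbouring local variable */
    uint32_t  canary;    /* guard word in front of the return pointer */
    uintptr_t ret;       /* stand-in for the saved return pointer */
};

/* Copy with no length test. Clamped to the struct so the model stays defined. */
void unchecked_copy(struct frame *f, const void *src, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy(f, src, n);
}

/* Bounds-checked copy: reject anything larger than buf. */
int checked_copy(struct frame *f, const void *src, size_t n) {
    if (n > sizeof f->buf) return -1;
    memcpy(f->buf, src, n);
    return 0;
}

/* Returns 0 = frame clean, 1 = data corrupted but canary intact (missed),
   2 = canary changed (detected before return), 3 = write rejected by bounds check. */
int simulate(size_t n, int bounds_checked) {
    unsigned char input[sizeof(struct frame)];
    struct frame f = { .canary = CANARY, .ret = 0x1000 };
    memset(input, 'A', sizeof input);   /* constructed input */
    if (bounds_checked) {
        if (checked_copy(&f, input, n) != 0) return 3;
    } else {
        unchecked_copy(&f, input, n);
    }
    if (f.canary != CANARY) return 2;   /* the return-pointer protection check */
    return f.is_admin != 0 ? 1 : 0;
}

int main(void) {
    printf("overrun to neighbour: %d\n", simulate(offsetof(struct frame, canary), 0));
    printf("overrun past canary:  %d\n", simulate(sizeof(struct frame), 0));
    printf("bounds-checked:       %d\n", simulate(offsetof(struct frame, canary), 1));
    return 0;
}
```

The per-copy length test in `checked_copy` is also where the performance overhead listed under Cons comes from: it runs on every write, while the canary is checked once per function return.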