Examples: Adding automatic bounds checking to a C compiler, or protecting the return pointer (see StackGuard applet)
Pros:
• Adding automatic bounds checking to a C compiler can prevent many buffer overflows
• Protecting the return pointer virtually eliminates stack smashing, which is currently the most prevalent and disastrous kind of buffer overflow attack
Cons:
• There is a performance overhead, especially for adding bounds checking to C compilers
• Protecting the return pointer does not prevent heap-based attacks, denial-of-service attacks, or data corruption
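
The data-corruption limitation in the last point can be seen in a small model. This is an added example, not code from StackGuard or from the original page: the frame layout, the `CANARY` and `RET_OK` values, and all function names are assumptions made for illustration, and the "stack frame" is an ordinary struct so the program stays well defined.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CANARY 0xC0FFEE11u /* constructed value; real canaries are chosen at run time */
#define RET_OK 0x1000u     /* constructed stand-in for the saved return pointer */

/* Simplified model of a frame: locals, then the guard word, then the return pointer. */
struct frame {
    char      buf[8];  /* local buffer the copy is meant to fill */
    uint32_t  flag;    /* adjacent local, e.g. an "authenticated" flag */
    uint32_t  canary;  /* guard word checked before returning */
    uintptr_t ret;     /* simulated return pointer */
};

/* Unchecked copy, modelled as a write over the frame's bytes (clamped to the model). */
static void copy_unchecked(struct frame *f, const void *src, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy(f, src, n);
}

/* Bounds-checked copy: refuses anything larger than the buffer. */
static int copy_checked(struct frame *f, const void *src, size_t n) {
    if (n > sizeof f->buf) return -1;
    memcpy(f->buf, src, n);
    return 0;
}

/* Returns a bitmask: 1 = canary check trips, 2 = flag corrupted, 4 = return pointer changed. */
static int run(size_t n, int checked) {
    unsigned char input[sizeof(struct frame)];
    struct frame f;
    memset(input, 'A', sizeof input);
    memset(&f, 0, sizeof f);
    f.canary = CANARY;
    f.ret = RET_OK;
    if (checked) (void)copy_checked(&f, input, n);
    else copy_unchecked(&f, input, n);
    return (f.canary != CANARY) | ((f.flag != 0) << 1) | ((f.ret != RET_OK) << 2);
}

int main(void) {
    printf("12 bytes, unchecked: %d (flag corrupted, canary silent)\n", run(12, 0));
    printf("16 bytes, unchecked: %d (canary trips)\n", run(16, 0));
    printf("12 bytes, checked:   %d (copy rejected)\n", run(12, 1));
    return 0;
}
```

A 12-byte write changes the adjacent flag without touching the guard word, so the return-pointer check passes; only the bounds-checked copy stops it.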