Stack buffer overflows are a category of error that can wreak havoc on our programs, resulting in sporadic crashes or strange and unexpected program behaviors. A stack buffer overflow occurs when a program writes to a memory address on the stack which is outside of its current stack frame, often triggered by a buffer overflow on a local stack variable. These errors also create potential security vulnerabilities in our programs. An attacker can deliberately trigger a stack buffer overflow as part of a “stack smashing” attack. When conditions are right, an attacker can insert executable instructions into the program and gain unintended access to a system.

Clang, GCC, and other related compilers provide built-in support for detecting stack buffer overflows and aborting a program if one is detected. This support can be enabled in our programs by setting a few compiler flags. In this article, we’ll discuss stack smashing protection (SSP), related compiler flags, and an implementation that is suitable for use on microcontrollers.

Clang, GCC, and related compilers implement stack smashing protection (SSP) using StackGuard. The fundamental assumption behind the approach is that most stack buffer overflows occur by writing past the end of a function’s stack frame. In order to detect this case, a “canary value” is added to the stack before other values are declared. Before returning from the function, the stored canary value in the stack is checked.
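The canary check described above, modelled in portable C as an added example (not code from the original article). The struct stands in for a stack frame, and `guard_value`, `on_stack_smash` and `run_protected` are hypothetical names standing in for the `__stack_chk_guard` variable (on most bare-metal targets) and the `__stack_chk_fail()` handler that GCC and Clang reference when a `-fstack-protector` flag is set.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of one protected frame, lowest address first: an overflow of buf
 * must cross the canary before it can reach the saved return address. */
struct frame {
    char      buf[16];
    uintptr_t canary;
    uintptr_t saved_ret;
};

/* Stand-in for __stack_chk_guard (constructed value). Firmware should seed
 * the real guard from an entropy source early in boot. */
static uintptr_t guard_value = (uintptr_t)0x5AC3F00DUL;

static int smash_detected;

/* Stand-in for __stack_chk_fail(): a real handler must not return (log,
 * then reset or halt); this one records the event so it can be tested. */
static void on_stack_smash(void) { smash_detected = 1; }

/* Copies len bytes into buf with no bounds check (the modelled bug),
 * bracketed by the prologue and epilogue the compiler would insert.
 * Returns 1 if the epilogue found the canary changed, 0 otherwise. */
int run_protected(const void *input, size_t len)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    f.saved_ret = (uintptr_t)0x08001234UL;   /* constructed address */
    f.canary = guard_value;                  /* prologue: place canary */

    if (len > sizeof f)
        len = sizeof f;                      /* keep the model in bounds */
    memcpy(&f, input, len);                  /* may run past buf, inside f */

    smash_detected = 0;
    if (f.canary != guard_value)             /* epilogue: check canary */
        on_stack_smash();
    return smash_detected;
}

int main(void)
{
    const char long_input[] = "AAAAAAAAAAAAAAAAAAAAAAAA"; /* 24 bytes + NUL */
    printf("fits in buf: %d\n", run_protected("hello", 6));
    printf("overflow:    %d\n", run_protected(long_input, 24));
    return 0;
}
```

A write that exactly fills `buf` leaves the canary intact; one byte more is enough to trip the check, before the saved return address has been touched.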