|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Buffer overflow prevention
From: Jonathan A. Zdziarski (jonathan
networkdweebs.com)
Date: Wed Aug 13 2003 - 13:26:04 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I think this is overkill and will probably cause your applications to
run much slower than they already do. I don't see why one couldn't
simply put the variable information *after* the rest of the stack
information, instead of before, and have the kernel zero out the next
stack frame before it gets written to (although this may cause some
performance problems in itself). This would prevent a buffer overflow
from A) overwriting SS:ESP and B) overflowing code onto the next
stackframe.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]