|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Buffer overflow prevention
From: Jedi/Sector One (j
pureftpd.org)
Date: Thu Aug 14 2003 - 13:47:21 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Aug 14, 2003 at 07:26:47PM +0200, Mariusz Woloszyn wrote:
> What we're discussing here is an internal structures and data protecting.
> IMHO the ProPolice (http://www.research.ibm.com/trl/projects/security/ssp/),
> is the best protection in this kind, even comparing to "two stack"
> approach.
ProPolice is not magical, though. There are plenty of cases where it is
totally inefficient. To illustrate a very common one :
#include <string.h>
struct Test {
char str[5];
};
int main(void)
{
struct Test x;
strcpy(x.str, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
return 0;
}
Propolice doesn't see anything wrong and eip happily goes to 0x41414141.
Propolice also doesn't give any protection against heap overflows.
So the best protection is probably Propolice + non exec stack + write xor
executable pages. Oh, surprise, this is just how OpenBSD works.
This is still not a magical protection against everything. A vulnerable
application can still behave abnormally after an overflow. But this couple
makes injection + execution of arbitrary code way more tricky.
The only way to sleep quietly is still to audit the code at the first place.
--
__ /*- Frank DENIS (Jedi/Sector One) <j42-Networks.Com> -*\ __
\ '/ <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a> \' /
\/ <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a> \/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]