Re: safe mallocs (was Re: vulndev-1 and a suggestion about the ensuing discussion)

From: William Robertson (wkrcs.ucsb.edu)
Date: Tue May 20 2003 - 02:09:10 CDT


On 16 May 2003, xenophi1e [oliver.laverysympatico.ca] wrote:
| There are probably better schemes, but this has the nice property of
| being something you could retrofit without breaking the world. Well, at
| least something you could kinda retrofit if it weren't for some nasty
| implementation details. Are there any products like StackGuard that do
| something like this?
|
| Cheers,
| ~x

My apologies for jumping into this thread so late, but I'm still catching
up on my list mail after being out of town last week. Anyway, some
colleagues of mine and I will be presenting a paper on this topic at LISA
2003. We have an experimental patch for glibc which successfully detects
and prevents heap-based buffer overrun exploits using a random XORed canary
technique. It is fully backwards-compatible with existing software,
requiring only a recompilation of glibc for system-wide coverage, and can
also be used selectively using LD_PRELOAD tricks. We are also working on
ports to the various *BSD allocators.

We're currently running tests and gathering performance data for our paper,
but if anyone is interested in helping to beta test and/or audit, feel free
to email me offline. We are very interested in ironing out any kinks;
based on our testing to date, we believe this is a viable approach to
mitigating heap overrun exploits.

--
| William Robertson | 0x4218A2A6 | wkrcs.ucsb.edu |
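An added illustration of the general idea behind a random XORed heap canary, not the glibc patch described in the message above and not code from its authors. It wraps `malloc` with a header whose canary is a per-process random secret XORed with the header's address and size, so a write that alters the header is detected before `free` acts on it. The `guard_*` names, the header layout, the choice of what is mixed into the canary, and `/dev/urandom` as the entropy source are all assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical wrapper (guard_*): bookkeeping header placed before user data. */
struct guard_hdr { size_t size; uintptr_t canary; };

static uintptr_t guard_secret;   /* per-process random value, never exposed */
static int guard_ready;

static void guard_init(void) {
    /* Assumption: /dev/urandom is available; fail closed if it is not. */
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f || fread(&guard_secret, sizeof guard_secret, 1, f) != 1)
        abort();
    fclose(f);
    guard_ready = 1;
}

/* The expected canary binds the secret to this header's address and size, */
/* so a value copied from another chunk or a changed size does not verify. */
static uintptr_t guard_mix(const struct guard_hdr *h) {
    return guard_secret ^ (uintptr_t)h ^ (uintptr_t)h->size;
}

void *guard_malloc(size_t n) {
    if (!guard_ready) guard_init();
    if (n > SIZE_MAX - sizeof(struct guard_hdr)) return NULL; /* size overflow */
    struct guard_hdr *h = malloc(sizeof *h + n);
    if (!h) return NULL;
    h->size = n;
    h->canary = guard_mix(h);
    return h + 1;                 /* caller sees only the bytes after the header */
}

/* Returns 1 if the header in front of p is intact, 0 if it was modified. */
int guard_check(const void *p) {
    const struct guard_hdr *h = (const struct guard_hdr *)p - 1;
    return h->canary == guard_mix(h);
}

void guard_free(void *p) {
    if (!p) return;
    if (!guard_check(p)) abort(); /* refuse to free on corrupted metadata */
    free((struct guard_hdr *)p - 1);
}
```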