Bugtraq mailing list archives
Re: fixing all buffer overflows --- random magin numbers
From: oxymoron () WASTE ORG (Oliver Xymoron)
Date: Fri, 17 Sep 1999 11:06:38 -0500
On Tue, 14 Sep 1999, Crispin Cowan wrote:
(post sent as HTML and ASCII because there's a table that's easier to read in HTML. Aleph, go ahead and nuke the HTML if you prefer)
Urg. Pine happily munged it on reply:
The result looks like this: Interface Implementation Restriction * Firewalls * Bounds checking * TCP Wrappers * StackGuard * Randomly renaming system files * Randomly renumbering system Permutation calls (the hack proposed here * Randomly munging by Maniscalco) data layout * Fred Cohen's Deception Toolkit
You missed a couple interesting ones. One is randomly offsetting the stack. Another is having separate stacks for the call chain and local variables. Obviously wastes a register (or an indirection), but can probably be proved secure against stack smashing. -- "Love the dolphins," she advised him. "Write by W.A.S.T.E.."
Current thread:
- Re: fixing all buffer overflows --- random magin numbers nm (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Crispin Cowan (Sep 13)
- Re: fixing all buffer overflows --- random magin numbers Oliver Xymoron (Sep 17)
- Exploit for proftpd 1.2.0pre6 Tymm Twillman (Sep 20)
- Re: fixing all buffer overflows --- random magin numbers Crispin Cowan (Sep 20)
- BP9909-00: cfingerd local buffer overflow Przemyslaw Frasunek (Sep 21)
- Windows IP source routing attack Dug Song (Sep 21)
- FreeBSD-specific denial of service Charles M. Hannum (Sep 21)
- Re: FreeBSD-specific denial of service Alan Cox (Sep 22)
- Re: FreeBSD-specific denial of service Bjoern Fischer (Sep 24)
- Re: fixing all buffer overflows --- random magin numbers Oliver Xymoron (Sep 17)
- Re: fixing all buffer overflows --- random magin numbers Crispin Cowan (Sep 13)