Re: Libsafe Protecting Critical Elements of Stacks

[emsi () IT PL (Mariusz Woloszyn)]

On Tue, 25 Apr 2000, Crispin Cowan wrote:

> JEFF PFOHL wrote:
>
> > Does anyone know anything about this?
> >
> >  http://www.bell-labs.com/org/11356/html/security.html
>
> Solar Designer has posted his analysis to the Linux security-audit
> mailing list
> http://www2.merton.ox.ac.uk/~security/security-audit-200004/0069.html .
> Perry Wagle (principle StackGuard developer, cc'd) has written an
> analysis comparing StackGuard to libsafe (attached).  The summary is as
> follows:
>
>    * Use StackGuard where you can, because it is safer:
>         o Libsafe only wraps selected string library functions.  Buffer
>           overflows affecting other library functions or user-written
>           loops will not be protected
>         o Libsafe attempts to wrap these functions by parsing the stack,
>           but it doesn't always succeed.  In particular, libsafe depends
>           on the existance of the frame pointer, and fails when it isn't
>           present, as happens if the code was compiled with -fno_fp, or
>           if the optimizer removed the frame pointer.
>    * Use Libsafe where you cannot use StackGuard, i.e. for binary-only
>      applications.
Most of what we presented in Phrack article
(http://phrack.infonexus.com/search.phtml?view&article=p56-5) works
against libsafe as it protects only RET value using frame pointer to
determine place of local variables.

Is there any compilation time tool (could be lots of macros ;)that uses
buffer size declarations to protect against overflows?


--
Mariusz Wo³oszyn
Internet Security Specialist, Internet Partners, GTS Poland