Vulnerability Development mailing list archives
Re: stackguard-like embedded protection
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Tue, 5 Sep 2000 10:49:06 +0200
Obviously the version presented is NOT secure as stackguard. This want not be a stackguard replacement -- it's just an idea.
Uhmm.. Obviously, the current solution with only one variable won't be enough for any real world example; but if hacked to use a 100.000 array or something it would be possible to apply to most realworld examples [assuming you don't use functions heavily dependant on recursion]
As suggested by Alessandro Rubini there is also a problem with this approach: it seems directed to the programmer. The programmer should not think in terms of stack protection tricks, but in terms of good programming.
a minipatch could be created, alas if you temporarily are using a couple of functions you are going to rewrite, this could do until then. I would agree with Alessandro Rubini if we're talking about 'final' revisions. But in alpha releases or betas with limited availability, this hack could be usefull. My greatest problem with this approach is that it may give a false sense of security. Example: a() { b(); } is changed to a() { safe_enter; b(); safe_leave; } To most readers, it would indicate a() to be secure, where as a() really hasn't any control over what's happening - overflows or formatation bugs in b() will allow attackers to modify return adress and supply malicious code.
Agreed at all, even if from the state of view of the redundancy this helps. So, sorry for this bad coding example.
I enjoyed the post. I like things to think on :) ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team
Current thread:
- Re: stackguard-like embedded protection, (continued)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 05)
- Re: stackguard-like embedded protection Benjamin Karas (Sep 05)
- Re: stackguard-like embedded protection Bluefish (P.Magnusson) (Sep 05)
- Re: stackguard-like embedded protection Greg KH (Sep 05)
- Re: stackguard-like embedded protection Juliano Rizzo (Sep 06)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 05)
- Re: stackguard-like embedded protection H D Moore (Sep 05)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 06)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 06)
- Re: stackguard-like embedded protection Slawek (Sep 07)
- Re: stackguard-like embedded protection antirez (Sep 08)
- Message not available
- Re: stackguard-like embedded protection antirez (Sep 12)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 12)
- Re: stackguard-like embedded protection antirez (Sep 12)
- Re: stackguard-like embedded protection antirez (Sep 12)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 12)
- Re: stackguard-like embedded protection Bluefish (P.Magnusson) (Sep 07)
- Re: stackguard-like embedded protection typo (Sep 07)