Attacks That Cannot Be Protected Against
Stack-smashing protection is unable to protect against certain forms of attack. For example, it cannot protect against buffer overflows in the heap.
StackGuard and ProPolice cannot protect against overflows in automatically allocated structures which overflow into function pointers. ProPolice at least will rearrange the allocation order to get such structures allocated before function pointers. A separate mechanism for pointer protection was proposed in PointGuard and is available on Microsoft Windows.
There is no sane way to alter the layout of data within a structure; structures are expected to be the same between modules, especially with shared libraries. Any data in a structure after a buffer is impossible to protect with canaries; thus, programmers must be very careful about how they organize their variables and use their structures. In C and C++, structures with buffers should either be malloced or obtained with new.
Read more about this topic: Buffer Overflow Protection
Famous quotes containing the words attacks and/or protected:
“Under peaceful conditions, the warlike man attacks himself.”
—Friedrich Nietzsche (1844–1900)
“The rights and interests of the laboring man will be protected and cared for, not by the labor agitators, but by the Christian men to whom God in His infinite wisdom has given control of the property interests of the country.”
—George Baer (1842–1914)