Attacks That Cannot Be Protected Against
Stack-smashing protection is unable to protect against certain forms of attack. For example, it cannot protect against buffer overflows in the heap.
StackGuard and ProPolice cannot protect against overflows in automatically allocated structures which overflow into function pointers. ProPolice at least will rearrange the allocation order to get such structures allocated before function pointers. A separate mechanism for pointer protection was proposed in PointGuard and is available on Microsoft Windows.
There is no sane way to alter the layout of data within a structure; structures are expected to be the same between modules, especially with shared libraries. Any data in a structure after a buffer is impossible to protect with canaries; thus, programmers must be very careful about how they organize their variables and use their structures. In C and C++, structures with buffers should either be malloced or obtained with new.
Read more about this topic: Buffer Overflow Protection
Famous quotes containing the words attacks and/or protected:
“The gray glaze of the past attacks all know-how....”
—John Ashbery (b. 1927)
“If one really wishes to know how justice is administered in a country, one does not question the policemen, the lawyers, the judges, or the protected members of the middle class. One goes to the unprotected—those, precisely, who need the laws’s protection most!—and listens to their testimony.”
—James Baldwin (1924–1987)