Buffer Overflow Protection - Attacks That Cannot Be Protected Against

Attacks That Cannot Be Protected Against

Stack-smashing protection is unable to protect against certain forms of attack. For example, it cannot protect against buffer overflows in the heap.

StackGuard and ProPolice cannot protect against overflows in automatically allocated structures that overflow into function pointers. ProPolice will at least rearrange the allocation order so that such structures are allocated before function pointers. A separate mechanism for pointer protection was proposed in PointGuard and is available on Microsoft Windows.

There is no sane way to alter the layout of data within a structure; structures are expected to be the same between modules, especially with shared libraries. Any data in a structure after a buffer is impossible to protect with canaries; thus, programmers must be very careful about how they organize their variables and use their structures. In C and C++, structures with buffers should either be allocated with malloc or obtained with new.
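The following added example (not part of the original page) shows why a canary cannot help inside a structure: the member after the buffer lies at a fixed offset, before any canary placed beyond the whole object. The names `struct record`, `record_set_name` and the other helpers are hypothetical, and the overrun is simulated with a write that stays inside the struct.

```c
#include <stddef.h>
#include <string.h>

typedef void (*handler_fn)(void);

/* Hypothetical record: the declaration fixes the layout, so the compiler
 * cannot move `handler` in front of `name`. */
struct record {
    char       name[16];
    handler_fn handler;
};

static void default_handler(void) {}

/* Bytes an unchecked copy into `name` can write before touching `handler`. */
size_t bytes_before_handler(void)
{
    return offsetof(struct record, handler) - offsetof(struct record, name);
}

/* Simulates an unchecked copy of `len` bytes starting at `name`. The write is
 * clamped to the struct itself, so it never reaches a stack canary, which
 * sits beyond the whole object. Returns 1 if `handler` was modified. */
int unchecked_copy_clobbers_handler(size_t len)
{
    struct record r = { "", default_handler };
    handler_fn before = r.handler;
    size_t start = offsetof(struct record, name);
    unsigned char fill[sizeof r];

    memset(fill, 0x41, sizeof fill);          /* constructed filler input */
    if (len > sizeof r - start)
        len = sizeof r - start;
    memcpy((unsigned char *)&r + start, fill, len);
    return memcmp(&r.handler, &before, sizeof before) != 0;
}

/* Hardened setter: rejects input that does not fit, terminator included. */
int record_set_name(struct record *r, const char *src)
{
    size_t n = strlen(src);

    if (n >= sizeof r->name)
        return -1;
    memcpy(r->name, src, n + 1);
    return 0;
}
```

Because the adjacent member is reached without the canary ever being touched, the length check in the setter is the only defence at this level.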
