Buffer overflow - PowerPoint PPT Presentation

1 / 4
About This Presentation
Title:

Buffer overflow

Description:

Canary. Place a 'canary' word next to the return address on the stack. ... Canary. 0 (null), CR, LF, -1 (EOF) When the program reach the termination canary , ... – PowerPoint PPT presentation

Number of Views:63
Avg rating:3.0/5.0
Slides: 5
Provided by: nguyenq5
Category:

less

Transcript and Presenter's Notes

Title: Buffer overflow


1
Buffer overflow
  • Attacker can exploit
  • Activation records
  • Attack return address
  • Function pointers
  • Example void ( foo) () declares the variable
    foo which is of type pointer to function
    returning void
  • Longjmp buffers
  • setjmp(buffer) to go to checkpoint, and
    longjmp(buffer) to go back to the checkpoint.
  • ? attack longjmp

2
Stack smashing attack
3
Canary
  • Place a canary word next to the return address
    on the stack.
  • Stack smashing attack occurs ? canary is
    overlapped
  • ? Detect

4
Canary
  • Problem attackers can forge the canary.
  • Solutions
  • Terminator Canary
  • 0 (null), CR, LF, -1 (EOF)
  • When the program reach the termination canary ,
    it stops.
  • Random Canary
  • 32-bit random number chosen secretly at the time
    the program starts.
  • StackGuard is a compiler technique that use
    canary (a small patch to gcc that enhances the
    code generator).
Write a Comment
User Comments (0)
About PowerShow.com