On 16 May 2003, xenophi1e [oliver.laveryat_private] wrote:

| There are probably better schemes, but this has the nice property of
| being something you could retrofit without breaking the world. Well, at
| least something you could kinda retrofit if it weren't for some nasty
| implementation details. Are there any products like StackGuard that do
| something like this?
|
| Cheers,
| ~x

My apologies for jumping into this thread so late, but I'm still catching up on my list mail after being out of town last week.

Anyway, some colleagues of mine and I will be presenting a paper on this topic at LISA 2003. We have an experimental patch for glibc which successfully detects and prevents heap-based buffer overrun exploits using a random XORed canary technique. It is fully backwards-compatible with existing software, requiring only a recompilation of glibc for system-wide coverage, and can also be used selectively using LD_PRELOAD tricks. We are also working on ports to the various *BSD allocators.

We're currently running tests and gathering performance data for our paper, but if anyone is interested in helping to beta test and/or audit, feel free to email me offline. We are very interested in ironing out any kinks; based on our testing to date, we believe this is a viable approach to mitigating heap overrun exploits.

--
| William Robertson | 0x4218A2A6 | wkrat_private |
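
A minimal sketch of the random XORed canary idea as a wrapper around malloc, added here as an illustration; it is not the glibc patch described in the message above. The `guard_*` names, the header layout and the canary formula (secret XOR chunk address XOR size) are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added sketch: all guard_* names are hypothetical, not the glibc patch. */
struct guard_hdr { size_t size; uintptr_t canary; };
static uintptr_t secret;   /* per-process random value, never written to the heap */
static int seeded;

static void guard_seed(void) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f || fread(&secret, sizeof secret, 1, f) != 1) abort();
    fclose(f);
    seeded = 1;
}

/* Canary = secret XOR header address XOR size: it differs for every chunk
   and changes if the size field is overwritten. */
static uintptr_t canary_of(const struct guard_hdr *h) {
    return secret ^ (uintptr_t)h ^ (uintptr_t)h->size;
}

void *guard_malloc(size_t n) {
    if (!seeded) guard_seed();
    if (n > SIZE_MAX - sizeof(struct guard_hdr) - sizeof(uintptr_t)) return NULL;
    struct guard_hdr *h = malloc(sizeof *h + n + sizeof(uintptr_t));
    if (!h) return NULL;
    h->size = n;
    h->canary = canary_of(h);
    unsigned char *user = (unsigned char *)(h + 1);
    memcpy(user + n, &h->canary, sizeof h->canary);  /* trailing copy after user data */
    return user;
}

/* Returns 1 if the header and trailing canaries are intact, 0 otherwise. */
int guard_check(const void *p) {
    const struct guard_hdr *h = (const struct guard_hdr *)p - 1;
    uintptr_t expect = canary_of(h), tail;
    if (h->canary != expect) return 0;   /* header or size field clobbered */
    memcpy(&tail, (const unsigned char *)p + h->size, sizeof tail);
    return tail == expect;               /* 0 if the buffer was overrun */
}

void guard_free(void *p) {
    if (!p) return;
    if (!guard_check(p)) abort();        /* stop before free() touches the chunk */
    free((struct guard_hdr *)p - 1);
}
```

Because the secret never appears in the heap, a linear overrun cannot restore the expected value without a separate memory disclosure.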