From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Ronald F. Guilmette"
To: freebsd-hackers@freebsd.org, gnu-gcc@gnu.org
Subject: Defending against buffer overflows.
Date: Fri, 18 Feb 2000 14:21:00 -0000
Message-id: <12502.950912447@monkeys.com>
X-SW-Source: 2000-02/msg00065.html

My attention has just been called to:

    http://immunix.org/StackGuard/mechanism.html

Given all of the buffer overrun vulnerabilities that have been found in
various network daemons over time, this seems like a worthwhile sort of
technique to apply when compiling, in particular, network daemons and/or
servers.

I don't entirely agree with this fellow's approach however. I think that
the ``canary'' word should be located at the bottom end of the current
stack frame, i.e. in a place where no buffer overrun could possibly
clobber it.

Seems to me that this would be a nice and useful little enhancement for
gcc. I wouldn't mind having something like a -fbuffer-overrun-checks
option for gcc, and I would definitely use it when compiling network
daemons.

Anybody else got an opinion?
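
The canary-placement question raised in the message above, as an added example (not part of the original message, and not StackGuard or gcc code): a simulated frame carries one canary between the buffer and the saved return address and one below the buffer, and the function reports which epilogue check an upward overrun trips. Reading "bottom end of the current stack frame" as addresses below the buffer is an assumption, as are the layout, sizes and constants.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Simulated frame, lowest address first (constructed layout, not a real ABI):
 * [low canary][buf][high canary][saved return address] */
enum { WORD = 8, BUF_LEN = 16,
       OFF_LOW = 0, OFF_BUF = WORD, OFF_HIGH = OFF_BUF + BUF_LEN,
       OFF_RET = OFF_HIGH + WORD, FRAME_LEN = OFF_RET + WORD };

#define RET_CLOBBERED 1  /* saved return address no longer matches */
#define LOW_TRIPPED   2  /* canary below the buffer changed */
#define HIGH_TRIPPED  4  /* canary between buffer and return address changed */

static const uint64_t CANARY = 0x000aff0d5a5a5a5aULL; /* constructed value */
static const uint64_t RET    = 0x0000000000401234ULL; /* constructed value */

/* Model an unchecked copy of copy_len bytes into buf, then run both
 * epilogue checks and report what each one would have seen. */
int simulate_copy(size_t copy_len)
{
    unsigned char frame[FRAME_LEN];
    uint64_t word;
    int result = 0;
    memcpy(frame + OFF_LOW, &CANARY, WORD);
    memset(frame + OFF_BUF, 0, BUF_LEN);
    memcpy(frame + OFF_HIGH, &CANARY, WORD);
    memcpy(frame + OFF_RET, &RET, WORD);
    /* The overrun writes toward higher addresses; clamp it to the model. */
    if (copy_len > (size_t)(FRAME_LEN - OFF_BUF))
        copy_len = (size_t)(FRAME_LEN - OFF_BUF);
    memset(frame + OFF_BUF, 'A', copy_len);

    memcpy(&word, frame + OFF_RET, WORD);
    if (word != RET) result |= RET_CLOBBERED;
    memcpy(&word, frame + OFF_LOW, WORD);
    if (word != CANARY) result |= LOW_TRIPPED;
    memcpy(&word, frame + OFF_HIGH, WORD);
    if (word != CANARY) result |= HIGH_TRIPPED;
    return result;
}

int main(void)
{
    size_t lens[] = { 8, 16, 17, 32 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("copy_len=%2zu flags=%d\n", lens[i], simulate_copy(lens[i]));
    return 0;
}
```

In this model the canary between the buffer and the return address changes as soon as the copy runs one byte past the buffer, while the canary below the buffer stays intact even when the return address is overwritten.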