public inbox for gcc@gcc.gnu.org
* Return address checking for buffer overflow exploit
@ 2003-04-27 20:27 markw
  0 siblings, 0 replies; only message in thread
From: markw @ 2003-04-27 20:27 UTC (permalink / raw)
  To: gcc

I had an idea, I'm not sure how practical it would be to implement, but....

On functions which allocate arrays on the stack, have the option of 
inserting return address checking. This should be effective because it 
works "pre-exploit."

The idea is that one of the ways an exploit gains control is to send 
data which overwrites the return address and thus transfers control to 
foreign code. On functions with return address checking, this would 
cause the program to assert and fail.

If some compiler flag is set, i.e. --with-return-address-checking, 
functions which declare an automatic array will add one more invisible 
automatic variable below all the arrays which contains either a checksum 
or the actual return address. Upon return, this variable is checked with 
what the intended return address is; if they are not the same, then an 
assert error is made and the program exits.

This could be implemented with varying degrees, i.e. every function 
could check the return address or only functions with automatic arrays. 
Pragmas can also be used to force certain functions either to have or 
not have the checking.

#pragma check_return_address
#pragma nocheck_return_address


What do you guys think?
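
A model of the check proposed in the message above, added here as an illustration; it is not code from the post or from GCC. The frame is simulated in a byte array so the out-of-bounds write is well defined; the layout, the function names and the return address value 0x1000 are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Modeled frame, lowest address first (constructed layout):
 * [hidden copy of return address][buf[16]][return address slot] */
enum {
    COPY_OFF  = 0,
    BUF_OFF   = sizeof(uintptr_t),
    BUF_LEN   = 16,
    RET_OFF   = BUF_OFF + BUF_LEN,
    FRAME_LEN = RET_OFF + sizeof(uintptr_t)
};

/* Prologue: store the return address and the hidden copy below the array. */
static void frame_enter(unsigned char *f, uintptr_t ret)
{
    memset(f, 0, FRAME_LEN);
    memcpy(f + RET_OFF, &ret, sizeof ret);
    memcpy(f + COPY_OFF, &ret, sizeof ret);
}

/* Epilogue: 1 if the slot still matches the copy; a real build would abort on 0. */
static int frame_check(const unsigned char *f)
{
    return memcmp(f + RET_OFF, f + COPY_OFF, sizeof(uintptr_t)) == 0;
}

/* Run one modeled call whose body copies n bytes of 'A' into buf with no
 * length check (the bug). n is clamped to the frame so the model stays in bounds. */
int check_after_write(size_t n)
{
    unsigned char frame[FRAME_LEN], input[FRAME_LEN];
    size_t room = (size_t)FRAME_LEN - (size_t)BUF_OFF;

    memset(input, 'A', sizeof input);
    frame_enter(frame, (uintptr_t)0x1000);   /* constructed return address */
    memcpy(frame + BUF_OFF, input, n > room ? room : n);
    return frame_check(frame);
}

int main(void)
{
    printf("16 bytes (fits):            %d\n", check_after_write(BUF_LEN));
    printf("17 bytes (1 past the end):  %d\n", check_after_write(BUF_LEN + 1));
    printf("whole slot overwritten:     %d\n", check_after_write(FRAME_LEN));
    return 0;
}
```

The comparison only fires at the modeled return, and it relies on the hidden copy sitting where a write running upward from the array cannot reach it.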

