Bugtraq mailing list archives
Re: Buffer overflow prevention
From: Peter Busser <peter () trusteddebian org>
Date: Fri, 15 Aug 2003 10:32:14 +0200
Hi!
There is a flag for the Gnu C/C++ compilers, -fstack-protector, that will implement ProPolice stack protection. It should prevent stack smashing techniques.That is not actually in the standard GCC; it is in a forked GCC that OpenBSD chooses to ship.
Adamantix and Gentoo Hardened also ship this patched GCC compiler.
We (Immunix) are in the process of trying to make StackGuard (the original) meet all of the criteria required for acceptance into GCC. At the GCC Summit <http://www.gccsummit.org/2003/> in May, we presented a StackGuard talk <http://www.gccsummit.org/2003/view_abstract.php?talk=31> on that topic.
I would rather see Hiraoke Etoh's Stack Smashing Protector (aka ProPolice) as standard stack-smashing protection mechanism in GCC than StackGuard. Groetjes, Peter Busser -- The Adamantix Project Taking trustworthy software out of the labs, and into the real world http://www.adamantix.org/
Current thread:
- Re: Buffer overflow prevention, (continued)
- Re: Buffer overflow prevention Sam Baskinger (Aug 14)
- Re: Buffer overflow prevention Crispin Cowan (Aug 15)
- Re: Buffer overflow prevention weigelt (Aug 15)
- Re: Buffer overflow prevention Sam Baskinger (Aug 14)
- Re: Buffer overflow prevention Jonathan A. Zdziarski (Aug 13)
- Re: Buffer overflow prevention Andreas Beck (Aug 14)
- Re: Buffer overflow prevention Jingmin (Jimmy) Zhou (Aug 13)
- Re: Buffer overflow prevention Craig Pratt (Aug 13)
- Re: Buffer overflow prevention Patrick Dolan (Aug 13)
- Re: Buffer overflow prevention Mariusz Woloszyn (Aug 14)
- Re: Buffer overflow prevention Crispin Cowan (Aug 14)
- Re: Buffer overflow prevention Peter Busser (Aug 15)
- RE: Buffer overflow prevention Lance James (Aug 14)
- Re: Buffer overflow prevention Patrick Dolan (Aug 14)
- Re: Buffer overflow prevention Jedi/Sector One (Aug 14)
- Re: Buffer overflow prevention Stephen Clowater (Aug 14)
- Re: Buffer overflow prevention Peter Busser (Aug 15)
- Re: Buffer overflow prevention Solar Designer (Aug 15)
- Re: Buffer overflow prevention Peter Busser (Aug 15)
- Re: Buffer overflow prevention Mariusz Woloszyn (Aug 14)
- Re: Buffer overflow prevention Theo de Raadt (Aug 14)
- Re: Buffer overflow prevention Matt D. Harris (Aug 14)
- Re: Buffer overflow prevention sauron (Aug 14)
- Re: Buffer overflow prevention Theo de Raadt (Aug 14)
(Thread continues...)