Most applications written in C place buffers on the stack: a buffer is a memory block holding several instances of one data type, normally a character array, used to temporarily hold the intermediate results of string operations. A stack-smashing attack overflows such a buffer by supplying a string longer than the buffer's actual size. The write runs past the end of the buffer and destroys whatever lies beyond it, which may include the return address of the calling function and function pointers stored in the same frame.
This paper presents a systematic solution to the problem of buffer overflow attacks. Our approach is a protection method that automatically inserts protection code into an application at compilation time. The main ideas are (1) reordering local variables so that buffers are placed after (at higher addresses than) pointers, so an overflow cannot corrupt a local pointer that could then be used to corrupt arbitrary memory locations, (2) copying pointer arguments into an area preceding the local buffers, so that the copies the function actually uses are equally out of reach of an overflow, and (3) omitting the instrumentation code from functions that do not need it, to reduce the performance overhead.
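The following is an added illustration of ideas (1) and (2), not code from the paper. Because a compiler fixes the real stack layout, each layout is modelled as a struct whose members sit in declaration order at increasing addresses, mirroring a downward-growing stack (locals lowest, then the saved return address, then the caller's arguments). The guard word placed between the buffers and the return address is an assumption of the example (this page does not describe a guard); so are the struct names, the attack string of 'A' bytes and the placeholder guard and return-address constants. The copy into the buffer is clipped at the end of the modelled frame so that the demonstration itself is free of undefined behaviour while still overwriting the neighbours of the buffer exactly as an unchecked strcpy would.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example, not the paper's compiler code. Each struct models
 * one possible frame layout; members are laid out in declaration order at
 * increasing addresses, like a downward-growing stack. */

#define BUF_SIZE    16
#define GUARD_VALUE 0xff0a0d005a5a5a5aULL  /* stand-in for the random guard word (assumed) */
#define RET_VALUE   0x0000000000401000ULL  /* stand-in for the saved return address (assumed) */

static void original_handler(void) { puts("original_handler called"); }

/* (a) Declaration-order layout: buf lies below fp, so an overflow reaches
 * fp before it reaches the guard. The corrupted pointer can be used (for
 * example by an indirect call) before any check in the epilogue runs. */
struct frame_plain {
    char        buf[BUF_SIZE];
    void      (*fp)(void);   /* local function pointer */
    uint64_t    guard;
    uint64_t    ret_addr;
    const char *arg;         /* pointer argument, passed above the frame */
};

/* (b) Layout after ideas (1) and (2): local pointers and a copy of the
 * pointer argument sit below every buffer, so an overflow can only reach
 * the guard and the return address, both of which the guard check covers. */
struct frame_protected {
    const char *arg_copy;    /* copy of arg made in the prologue */
    void      (*fp)(void);
    char        buf[BUF_SIZE];
    uint64_t    guard;
    uint64_t    ret_addr;
    const char *arg;         /* original slot, no longer read by the callee */
};

struct smash_result {
    int fp_corrupted;   /* local function pointer changed */
    int arg_corrupted;  /* pointer argument the callee actually uses changed */
    int guard_tripped;  /* epilogue check (guard != GUARD_VALUE) would abort */
    int ret_corrupted;  /* saved return address changed */
};

/* strcpy-like copy of an attack string into buf with no bounds check (the
 * bug under study), clipped at the end of the modelled frame so the write
 * stays inside one object. */
static void unchecked_copy(void *frame, size_t frame_size, size_t buf_off, size_t len)
{
    unsigned char payload[64];
    memset(payload, 'A', sizeof payload);         /* constructed attack string */
    if (len > sizeof payload) len = sizeof payload;
    if (len > frame_size - buf_off) len = frame_size - buf_off;
    memcpy((unsigned char *)frame + buf_off, payload, len);
}

/* Overflow buf by writing `len` bytes into layout (a) and report the damage. */
static struct smash_result smash_plain(size_t len)
{
    const char *arg = "argument";
    void (*fp)(void) = original_handler;
    struct frame_plain f = { {0}, fp, GUARD_VALUE, RET_VALUE, arg };
    unchecked_copy(&f, sizeof f, offsetof(struct frame_plain, buf), len);
    struct smash_result r;
    r.fp_corrupted  = memcmp(&f.fp,  &fp,  sizeof fp)  != 0;
    r.arg_corrupted = memcmp(&f.arg, &arg, sizeof arg) != 0;
    r.guard_tripped = f.guard    != GUARD_VALUE;
    r.ret_corrupted = f.ret_addr != RET_VALUE;
    return r;
}

/* Same overflow against layout (b); the callee reads arg_copy, not arg. */
static struct smash_result smash_protected(size_t len)
{
    const char *arg = "argument";
    void (*fp)(void) = original_handler;
    struct frame_protected f = { arg, fp, {0}, GUARD_VALUE, RET_VALUE, arg };
    unchecked_copy(&f, sizeof f, offsetof(struct frame_protected, buf), len);
    struct smash_result r;
    r.fp_corrupted  = memcmp(&f.fp,       &fp,  sizeof fp)  != 0;
    r.arg_corrupted = memcmp(&f.arg_copy, &arg, sizeof arg) != 0;
    r.guard_tripped = f.guard    != GUARD_VALUE;
    r.ret_corrupted = f.ret_addr != RET_VALUE;
    return r;
}

static void report(const char *name, size_t len, struct smash_result r)
{
    printf("%-9s len=%2zu  fp=%d arg=%d guard=%d ret=%d\n", name, len,
           r.fp_corrupted, r.arg_corrupted, r.guard_tripped, r.ret_corrupted);
}

int main(void)
{
    size_t one_past = BUF_SIZE + sizeof(void (*)(void)); /* overruns exactly one pointer */
    report("plain",     one_past, smash_plain(one_past));
    report("protected", one_past, smash_protected(one_past));
    report("plain",     64, smash_plain(64));
    report("protected", 64, smash_protected(64));
    return 0;
}
```

With an overflow just long enough to clobber one pointer, layout (a) loses its function pointer while the guard stays intact, which is precisely the case the reordering exists to remove; in layout (b) the same write lands on the guard and is caught at return. With a longer overflow, layout (a) also corrupts the pointer argument above the return address, whereas layout (b) keeps using its unreachable copy.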
Section 2 classifies attack methods to provide the background for explaining how our method protects against each of them. Section 3 describes related work on defending against stack-smashing attacks. Section 4 presents the protection method and explains how it keeps the performance overhead low. Section 5 presents experimental results. Finally, Section 6 presents conclusions and discusses issues for future work.