Class: Libsafe

Static prevention by patching standard C library functions that constitute potential buffer overflow vulnerabilities. Dynamic prevention through range check before the actual function call which ensures that the return address and the base pointer cannot be overwritten. (Wil05) Used together with Libverify

•owl:Thing

•sec:Countermeasure

•sec:MemoryProtection

•LibraryWrapper

•Libsafe

Super Classes

sec:protects SOME _StackReturnAddress

LibraryWrapper

sec:protects ONLY _StackReturnAddress

Annotations

dc:source

http://www.research.avayalabs.com/project/libsafe/doc/libsafe.pdf

Abstract Syntax

Class(Libsafe partial restriction(sec:protects someValuesFrom(_StackReturnAddress))
                     LibraryWrapper
                     restriction(sec:protects allValuesFrom(_StackReturnAddress)))

Generated with OWLDoc