| Static prevention by patching library functions in C that constitute potential buffer overflow vulnerabilities. Dynamic prevention through range check before the actual function call which ensures that the return address and the base pointer cannot be overwritten. The first thing done in every function is to copy the return address onto a canary stack located on the heap, and the last thing done before returning is to verify the return address by comparing it with the address saved on the canary stack. The canary stack is not protected(Wil05) Used together with Libsafe |
| •owl:Thing |
| •sec:Countermeasure |
| •sec:MemoryProtection |
| •CopyingAndCheckingTargetData |
| •Libverify |
| CopyingAndCheckingTargetData |
| sec:employedAt HAS sec:AtLoadTime |
| sec:protects SOME sec:_Stack |
| sec:protects ONLY sec:_Stack |
| dc:source | https://www.usenix.org/events/usenix2000/general/full_papers/baratloo/baratloo_html/ |
Class(Libverify partial CopyingAndCheckingTargetData
restriction(sec:employedAt value(sec:AtLoadTime))
restriction(sec:protects someValuesFrom(sec:_Stack))
restriction(sec:protects allValuesFrom(sec:_Stack)))