Wikipedia

Buffer overflow protection: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
GreenC bot (talk | contribs)
Bots
3,062,661 edits
Rescued 1 archive link. Wayback Medic 2.5 per WP:URLREQ#blogs.msdn.com
m unpiped links using script
Line 1:
{{Short description|Software security techniques}}
 
'''Buffer overflow protection''' is any of various techniques used during software development to enhance the security of executable programs by detecting [[buffer overflow]]s on [[call stack|stack]]-allocated variables, and preventing them from causing program misbehavior or from becoming serious [[computer security|security]] vulnerabilities. A stack buffer overflow occurs when a program writes to a memory address on the program's call stack outside of the intended data structure, which is usually a fixed-length buffer. Stack buffer overflow bugs are caused when a program writes more data to a buffer located on the stack than what is actually allocated for that buffer. This almost always results in corruption of adjacent data on the stack, which could lead to program crashes, incorrect operation, or security issues.
 
Line 65 ⟶ 66:
In 2012, [[Google]] engineers implemented the <kbd>-fstack-protector-strong</kbd> flag to strike a better balance between security and performance.<ref>{{cite web|url=https://gcc.gnu.org/ml/gcc-patches/2012-06/msg00974.html |title=Han Shen(ææ) - [PATCH&#93; Add a new option "-fstack-protector-strong" (patch / doc inside) |publisher=Gcc.gnu.org |date=2012-06-14 |access-date=2014-04-27}}</ref> This flag protects more kinds of vulnerable functions than <kbd>-fstack-protector</kbd> does, but not every function, providing better performance than <kbd>-fstack-protector-all</kbd>. It is available in GCC since its version 4.9.<ref>{{cite web|last1=Edge|first1=Jake|title="Strong" stack protection for GCC|url=https://lwn.net/Articles/584225/|website=Linux Weekly News|access-date=28 November 2014|date=February 5, 2014|quote=It has made its way into GCC 4.9}}</ref>
 
All [[Fedora (operating system)|Fedora]] packages are compiled with <kbd>-fstack-protector</kbd> since Fedora Core 5, and <kbd>-fstack-protector-strong</kbd> since Fedora 20.<ref>{{cite web|url=https://fedoraproject.org/wiki/Security_Features#Stack_Smash_Protection.2C_Buffer_Overflow_Detection.2C_and_Variable_Reordering |title=Security Features |publisher=FedoraProject |date=2013-12-11 |access-date=2014-04-27}}</ref><ref>{{cite web|url=https://fedorahosted.org/fesco/ticket/1128 |title=#1128 (switching from "-fstack-protector" to "-fstack-protector-strong" in Fedora 20) – FESCo |publisher=Fedorahosted.org |access-date=2014-04-27}}</ref> Most packages in [[Ubuntu (operating system)|Ubuntu]] are compiled with <kbd>-fstack-protector</kbd> since 6.10.<ref>{{cite web|url=https://wiki.ubuntu.com/Security/Features#stack-protector |title=Security/Features - Ubuntu Wiki |publisher=Wiki.ubuntu.com |access-date=2014-04-27}}</ref> Every [[Arch Linux]] package is compiled with <kbd>-fstack-protector</kbd> since 2011.<ref>{{cite web|url=https://bugs.archlinux.org/task/18864 |title=FS#18864 : Consider enabling GCC's stack-smashing protection (ProPolice, SSP) for all packages |publisher=Bugs.archlinux.org |access-date=2014-04-27}}</ref> All Arch Linux packages built since 4 May 2014 use <kbd>-fstack-protector-strong</kbd>.<ref>{{cite web |url=https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/pacman&id=695ca25d4c24f3bd3b8c350d64f2697c733d5169 |archive-url=https://archive.today/20140718035407/https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/pacman&id=695ca25d4c24f3bd3b8c350d64f2697c733d5169 |url-status=dead |archive-date=July 18, 2014 |title=svntogit/packages.git - Git clone of the 'packages' repository }}</ref> Stack protection is only used for some packages in [[Debian]],<ref>{{cite web |url=http://outflux.net/debian/hardening/ |title=Debian Security Hardening Statistics |publisher=Outflux.net |access-date=2014-04-27 |archive-date=2014-04-28 |archive-url=https://web.archive.org/web/20140428012424/http://outflux.net/debian/hardening/ |url-status=dead }}</ref> and only for the [[FreeBSD]] base system since 8.0.<ref>{{cite web|url=http://www.freebsd.org/releases/8.0R/relnotes.html |title=FreeBSD 8.0-RELEASE Release Notes |publisher=Freebsd.org |date=2013-11-13 |access-date=2014-04-27}}</ref> Stack protection is standard in certain operating systems, including [[OpenBSD]],<ref>{{cite web| url = https://man.openbsd.org/gcc-local.1| title = OpenBSD's gcc-local(1) manual page| quote = gcc comes with the ''ProPolice'' stack protection extension, which is enabled by default.}}</ref> [[Hardened Gentoo]]<ref>{{cite web|url=https://wiki.gentoo.org/wiki/Hardened/Toolchain#Default_addition_of_the_Stack_Smashing_Protector_.28SSP.29|title=Hardened/Toolchain - Gentoo Wiki|quote=The Gentoo hardened GCC switches on the stack protector by default unless explicitly requested not to.|date=2016-07-31}}</ref> and [[DragonFly BSD]].{{Citation needed|date=September 2013}}
 
StackGuard and ProPolice cannot protect against overflows in automatically allocated structures that overflow into function pointers. ProPolice at least will rearrange the allocation order to get such structures allocated before function pointers. A separate mechanism for [[pointer protection]] was proposed in PointGuard<ref>{{cite web|url=http://www.usenix.org/events/sec03/tech/full_papers/cowan/cowan_html/index.html|title=12th USENIX Security Symposium — Technical Paper}}</ref> and is available on Microsoft Windows.<ref>{{cite web|url=http://blogs.msdn.com/michael_howard/archive/2006/08/16/702707.aspx|title=MSDN Blogs – Get the latest information, insights, announcements, and news from Microsoft experts and developers in the MSDN blogs.|date=6 August 2021 }}</ref>
Retrieved from "https://en.wikipedia.org/wiki/Buffer_overflow_protection"