Protecting from stack-smashing attacks

Hiroaki Etoh and Kunikazu Yoda
IBM Research Division, Tokyo Research Laboratory,
1623-14 Shimotsuruma, Yamato, Kanagawa 242-8502, Japan
{etoh,yoda}@jp.ibm.com

This paper presents some new ideas for improving the state of the art in buffer overflow detection. The main ideas are (1) the reordering of local variables to place buffers after pointers to avoid the corruption of pointers that could be used to further corrupt arbitrary memory locations, (2) the copying of pointers in function arguments to an area preceding local variable buffers to prevent the corruption of pointers that could be used to further corrupt arbitrary memory locations, and the (3) omission of instrumentation code from some functions to decrease the performance overhead.

Protecting from stack-smashing attacks

Abstract: