The Shellcoder's Handbook (Indianapolis: Wiley Publishing, 2004)
Hoglund and McGraw, Exploiting Software: How to Break Code (Boston: Addison-Wesley, 2004)
Useful Links to Heap Overflows:
www.phrack.org/archives/57/p57-0x09
www.phrack.org/archives/57/p57-0x08
http://neworder.box.sk/newsread_print.php?newsid=7394
www.dsinet.org/files/textfiles/coding/w00w00-heap-overflows.txt
www.auto.tuwien.ac.at/~chris/teaching/slides/HeapOverflow.pdf
www.phrack.org/archives/61/p61-0x06_Advanced_malloc_exploits.txt
Memory Protection Schemes
Since buffer overflows and heap overflows first appeared, many programmers have
developed memory protection schemes to prevent these attacks. As we will see, some
work and some don't.
Compiler Improvements
Several improvements have been made to the gcc compiler.
Libsafe
Libsafe is a dynamic library that allows for the safer implementation of dangerous
functions:
• strcpy()
• strcat()
• sprintf(), vsprintf()
• getwd()
• gets()
• realpath()
• fscanf(), scanf(), sscanf()
Libsafe overrides the dangerous libc functions just listed, replacing them with
implementations that perform bounds checking and input scrubbing, thereby eliminating
most stack-based attacks. However, it offers no protection against the heap-based
exploits described in this chapter.
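An added example, not taken from the book or from Libsafe's source: a simplified model of the bound a Libsafe-style wrapper can enforce, assuming the wrapper limits a stack destination by its distance to the saved frame pointer above it. The names checked_strcpy, model_frame and the result codes are hypothetical, and the frame is constructed as a struct so the check runs portably; a destination outside any frame (the heap case) gets no check at all.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of one stack frame: a local buffer sitting below the
 * saved frame pointer and return address that an overflow would reach. */
struct model_frame {
    char  buf[16];
    void *saved_fp;
    void *ret_addr;
};

enum copy_result { COPY_OK, COPY_BLOCKED, COPY_UNCHECKED };

/* Hypothetical wrapper (not Libsafe's API). frame_limit is the address of
 * the saved frame pointer above dst, or NULL when dst is in no stack
 * frame (heap, globals) and no bound can be derived. */
enum copy_result checked_strcpy(char *dst, const char *src,
                                const void *frame_limit)
{
    if (frame_limit == NULL) {
        strcpy(dst, src);            /* falls through to the plain copy */
        return COPY_UNCHECKED;
    }
    if ((uintptr_t)frame_limit <= (uintptr_t)dst)
        return COPY_BLOCKED;         /* limit is not above dst: refuse */

    size_t room = (size_t)((uintptr_t)frame_limit - (uintptr_t)dst);
    size_t need = strlen(src) + 1;   /* include the terminating NUL */
    if (need > room)
        return COPY_BLOCKED;         /* would reach the saved frame pointer */
    memcpy(dst, src, need);
    return COPY_OK;
}

int main(void)
{
    struct model_frame f = { "", NULL, NULL };
    char *heap = malloc(16);
    if (heap == NULL) return 1;

    printf("fits:     %d\n", checked_strcpy(f.buf, "hello", &f.saved_fp));
    printf("too long: %d\n", checked_strcpy(f.buf, "0123456789abcdef0123", &f.saved_fp));
    printf("heap:     %d\n", checked_strcpy(heap, "hello", NULL));
    free(heap);
    return 0;
}
```

The bound is per frame, not per buffer: a copy that stays below the saved frame pointer is allowed even if it runs past the end of one local into another.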