The effect of this subtle change is to make buf begin on something other than a 4-byte boundary. Without knowing the alignment of buf, any return address contained in the attacker's input is not likely to be properly aligned when it overwrites the saved return address, which again will lead to failure of the attacker's exploit.
The preceding example presents merely one way in which a stack layout may be modified
in an attempt to thwart any automated exploits that may appear for our vulnerable
application. It must be remembered that this technique merely provides security through
obscurity and should never be relied upon as a permanent fix to a vulnerability. The only
goal of a patch of this sort should be to allow an application to run during the time frame
between disclosure of a vulnerability and the release of a proper patch by the application
vendor.
[Figure 19-4: Mutated stack layout]

Mutations Against Heap Overflows
In Chapter 8 we saw the mechanics of heap overflow exploits. Like stack overflows, successful heap overflows require the attacker to have an accurate picture of the memory layout surrounding the vulnerable buffer. In the case of a heap overflow, the attacker's goal is to overwrite heap control structures with specially chosen values that will cause the heap management routines to write a value of the attacker's choosing into a location of the attacker's choosing.

Chapter 19: Closing the Holes: Mitigation (Part IV, page 493)
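The control-structure overwrite just described turns the allocator's own unlink operation into an arbitrary write, and the defensive counterpart is to make the allocator verify its links before it writes. The following is an added example, not code from the book, that models a dlmalloc-style free list (a constructed simplification with only the two link pointers) and places the classic unchecked unlink beside a checked one in the style of glibc's "safe unlinking".

```c
#include <stddef.h>

/* Constructed model of a free-chunk header: only the two free-list links. */
typedef struct chunk { struct chunk *fd, *bk; } chunk;

/* Classic unlink: trusts fd/bk blindly. With overflowed links, the two writes
 * land wherever the corrupted pointers say: the write-what-where in the text. */
static void unlink_unchecked(chunk *p) {
    p->fd->bk = p->bk;
    p->bk->fd = p->fd;
}

/* Hardened unlink: write only if both neighbours agree that p sits between
 * them. Returns 0 on success, -1 if the control structure is inconsistent. */
static int unlink_checked(chunk *p) {
    chunk *f = p->fd, *b = p->bk;
    if (f == NULL || b == NULL || f->bk != p || b->fd != p)
        return -1;                 /* corrupted: refuse to write */
    f->bk = b;
    b->fd = f;
    p->fd = p->bk = NULL;
    return 0;
}

/* Build the circular free list head <-> a <-> b <-> head. */
static void build_list(chunk *head, chunk *a, chunk *b) {
    head->fd = a;  a->bk = head;
    a->fd = b;     b->bk = a;
    b->fd = head;  head->bk = b;
}

/* Unlink a with the check, after optionally overwriting a.fd to simulate an
 * overflow from the preceding chunk. Returns 0 intact, -1 when corrupted. */
int demo_checked(int corrupt) {
    chunk head = {0}, a = {0}, b = {0}, victim = {0};
    build_list(&head, &a, &b);
    if (corrupt) a.fd = &victim;
    return unlink_checked(&a);
}

/* Same corruption through the unchecked unlink: returns 1 if a.bk (&head)
 * was written into victim.bk, the stray write the check above prevents. */
int demo_unchecked_stray_write(void) {
    chunk head = {0}, a = {0}, b = {0}, victim = {0};
    build_list(&head, &a, &b);
    a.fd = &victim;
    unlink_unchecked(&a);
    return victim.bk == &head;
}
```

Real allocators also validate sizes and neighbouring chunk metadata; the link check shown here is only the part that defeats the write primitive the text describes.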