| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3F3C1061.7070107@immunix.com>
Date: Thu, 14 Aug 2003 15:42:41 -0700
From: Crispin Cowan <crispin@...unix.com>
To: Sam Baskinger <sam@...fedge.com>
Subject: Re: Buffer overflow prevention
Sam Baskinger wrote:
>It sounds like array bounds checking would offer an almost equivalent effect.
>This would not stop mis-casting a struct and referencing out of it or similar
>casting+address calcuation errors. To prevent that you would need either a
>language that prevented the production of that sort of code or to solve the
>halting problem.
>
Array bounds checking offers greater protection than any of these
protections (StackGuard, ProPolice, PointGuard, W^X, PAX/ASLR, etc.) The
problem is that the very fastest array bounds protection for C (Bounded
Pointers) imposes a 5X slowdown on performance, where as these other
techniques impose overheat somewhere between noise and 20%. See the
comparison chart in the back of the PointGuard paper for a good
comparison of these techniques:
"PointGuard: Protecting Pointers From Buffer Overflow
Vulnerabilities". Crispin Cowan, Steve Beattie, John Johansen and
Perry Wagle. To appear at the 12^th USENIX Security Symposium
<http://www.usenix.org/events/sec03/>, Washington DC, August 4-8,
2003. Paper
<http://immunix.com/%7Ecrispin/pointguard_usenix_security2003.pdf>
and Talk
<http://immunix.com/%7Ecrispin/pointguard_usenix_security2003.ppt>.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
Chief Scientist, Immunix http://immunix.com
http://www.immunix.com/shop/
Powered by blists - more mailing lists