Re: StackGuard
"J.H.M. Dassen \(Ray\)" <jdassen@wi.leidenuniv.nl> writes:
> > Yes, something like this (I can't remember now if they started with
> > stackguard) will be integrated with egcs in the future. There are already
> > of couple of implementations for this (stackguard being only one of them).
>
> Could you provide pointers for this? I'm aware that the checkergcc patches
> (http://www.fsf.org/software/checker/checker.html) are likely to be
> integrated into egcs, but they deal with memory leak detection etc., not
> preventing security holes resulting from buffer overflows.
Serge Orlov <sorlov@CON.MCST.RU> recently made a posting to BUGTRAQ
about a "Multi-stack allocator" patch against egcs. It's supposed to have
less of a performance impact. Here's the URL:
http://www.ipmce.su/~sorlov/security.html
I also read on the Linux security audit list that Greg McGary
<gkm@eng.ascend.com> had built a bounds checking system for gcc that
he is in the process of porting to egcs.
Cheers,
- Jim
Reply to:
- References:
- StackGuard
- From: Enrico Cherubini <kevin@arena.sci.univr.it>
- Re: StackGuard
- From: "J.H.M. Dassen \(Ray\)" <jdassen@wi.leidenuniv.nl>
- Re: StackGuard
- From: Wichert Akkerman <wakkerma@cs.leidenuniv.nl>
- Re: StackGuard
- From: "J.H.M. Dassen \(Ray\)" <jdassen@wi.leidenuniv.nl>