1 of 6

Defense mechanisms

Presented by:

Gaurav Kumar

2 of 6

Existing issues

  • Buffer overflows
  • Execution of code on the stack
  • Format string vulnerabilities

3 of 6

Defense against format string vulnerabilities

  • Do not pass a buffer directly as the format string of a print call.
  • If you must print a buffer, supply an explicit format specifier and pass the buffer as an argument.
  • The compiler takes the responsibility of alerting you to the vulnerability by issuing a warning during compilation.
  • Be a smart programmer
  • NEVER EVER IN YOUR LIFE TAKE WARNINGS LIGHTLY
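Added example (not from the slides): the vulnerable pattern the slide warns about, kept as a comment, next to the hardened form that keeps the format string a literal. Compiling the commented-out version with gcc's `-Wformat -Wformat-security` produces the warning the slide refers to. The hostile-looking input string is constructed for illustration; `render_user_input` and its static buffer are this example's own names.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern (kept as a comment so it is not compiled):
 *
 *     void log_line(const char *user)
 *     {
 *         printf(user);   // user-controlled data becomes the format string
 *     }
 *
 * gcc -Wformat -Wformat-security reports this call. Any '%' sequences in
 * 'user' would be interpreted by printf instead of being printed. */

static char g_out[64];   /* output buffer for the demonstration */

/* Hardened form: the format string is a literal and the buffer is an
 * argument, so '%' characters in the input are printed, not interpreted.
 * Returns the rendered, NUL-terminated text. */
const char *render_user_input(const char *user)
{
    snprintf(g_out, sizeof g_out, "%s", user);
    return g_out;
}

int main(void)
{
    const char *hostile = "%x %x %n";          /* constructed sample input */
    puts(render_user_input(hostile));          /* prints the literal text "%x %x %n" */
    return 0;
}
```

The same rule applies to every function that takes a format string (fprintf, sprintf, syslog, and the like): the format is a constant in your source, user data is an argument.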

4 of 6

Defense against buffer overflows

  • Overflows tend to overwrite the saved return address
  • Control hijacking is the major issue here
  • Stack canaries are one protection provided against this
  • Place a randomly generated canary value between the local buffers and the return address
  • Protection is further enhanced in some systems by keeping the return address in a safe place such as a register and performing a sanity check when returning from the function
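Added example (not from the slides): a toy model of the canary check. A struct stands in for a stack frame, with the canary placed between the buffer and a simulated return-address slot; `frame_survives` performs an unchecked copy into the frame and then does the epilogue check the slide describes. The copy is capped at the size of the struct so the model stays within defined C behaviour. `CANARY_VALUE` is a constant here only for clarity; real implementations (for example gcc's `-fstack-protector`) pick it randomly at program start. All names in the block are this example's own.

```c
#include <stdint.h>
#include <string.h>

/* Constructed canary; real canaries are random per process. */
#define CANARY_VALUE 0xDEADBEEFu

/* Model of a stack frame: locals, then the canary, then the saved return. */
struct frame {
    char buffer[16];          /* the local buffer an overflow would fill */
    uint32_t canary;          /* guard sitting right after the buffer */
    uintptr_t saved_return;   /* stands in for the return-address slot */
};

/* Copies 'len' bytes into the frame the way an unbounded copy would,
 * then performs the epilogue check. Returns 1 if the canary is intact,
 * 0 if it was clobbered (a real program would abort here). */
int frame_survives(const unsigned char *input, size_t len)
{
    struct frame f;
    f.canary = CANARY_VALUE;
    f.saved_return = 0x1000;          /* placeholder "return address" */

    if (len > sizeof f)               /* keep the model within the struct */
        len = sizeof f;
    memcpy(&f, input, len);           /* unchecked copy starting at buffer */

    return f.canary == CANARY_VALUE;  /* the check done before returning */
}

/* Helper: fill 'len' bytes with one byte value and run the check. */
int survives_fill(unsigned char byte, size_t len)
{
    unsigned char input[64];
    if (len > sizeof input)
        len = sizeof input;
    memset(input, byte, len);
    return frame_survives(input, len);
}

int main(void)
{
    /* 16 bytes fit the buffer exactly; 17 or more spill into the canary. */
    return survives_fill('A', 16) && !survives_fill('A', 17) ? 0 : 1;
}
```

The point of the layout is ordering: any write that runs off the end of the buffer towards the return address has to pass through the canary first, so checking the canary in the epilogue catches the corruption before the return executes.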

5 of 6

Is this it for buffer overflows?

  • NO, not yet
  • Again, the compiler is a smart guy.
  • The problem arises when we start acting smarter and ignore its warnings.
  • The C library (libc) provides bounded functions that help prevent buffer overflows
    • strncpy
    • strncat, etc.
    • Use the bounded functions to stay safe
    • Better safe than sorry
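Added example (not from the slides): wrappers around `strncpy` and `strncat` that always leave a NUL-terminated result. The caveat a practitioner needs is that `strncpy` does not write a terminator when the source is as long as or longer than the count, so the bound alone is not enough; the wrappers reserve the last byte for the terminator. `raw_strncpy_terminates` shows the raw behaviour so it can be compared. All function names and the static buffers are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* Bounded copy that always terminates. Returns the resulting length. */
size_t copy_bounded(char *dst, size_t dstlen, const char *src)
{
    if (dstlen == 0)
        return 0;
    strncpy(dst, src, dstlen - 1);   /* copies at most dstlen-1 bytes */
    dst[dstlen - 1] = '\0';          /* strncpy may not have added this */
    return strlen(dst);
}

/* Bounded append that leaves room for the terminator. */
size_t append_bounded(char *dst, size_t dstlen, const char *src)
{
    size_t used = strlen(dst);
    if (used + 1 >= dstlen)          /* no room for even one more byte */
        return used;
    strncat(dst, src, dstlen - used - 1);   /* strncat does terminate */
    return strlen(dst);
}

/* Shows the raw strncpy caveat: returns 1 if an 8-byte destination holds a
 * NUL after strncpy(dst, src, 8), 0 if the string is left unterminated. */
int raw_strncpy_terminates(const char *src)
{
    char buf[8];
    strncpy(buf, src, sizeof buf);
    return memchr(buf, '\0', sizeof buf) != NULL;
}

static char g_buf[8];   /* small destination to make truncation visible */

const char *demo_copy(const char *src)
{
    copy_bounded(g_buf, sizeof g_buf, src);
    return g_buf;
}

const char *demo_append(const char *a, const char *b)
{
    copy_bounded(g_buf, sizeof g_buf, a);
    append_bounded(g_buf, sizeof g_buf, b);
    return g_buf;
}

int main(void)
{
    printf("%s\n", demo_copy("hello world"));          /* "hello w" */
    printf("%s\n", demo_append("ab", "cdefghijk"));    /* "abcdefg" */
    printf("%d\n", raw_strncpy_terminates("ABCDEFGH")); /* 0: no terminator */
    return 0;
}
```

Truncation is silent in these wrappers; callers that must not lose data should compare the returned length with `strlen(src)` and treat a shorter result as an error rather than carrying on with a clipped value.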

6 of 6

Is this it?

  • No.
  • We still have other issues with buffer overflows.
  • Shellcode injection and execution
  • To counter this, the DEP mechanism is implemented
  • What is DEP?
    • Data Execution Prevention, i.e. data placed on the stack will not be executed as code
    • This blocks injected shellcode from running and mitigates the buffer overflow problem to a large extent