When Does Stack Protection in Compilers Fail?
Abstract
About the authors
Pavel Dovgalyuk
Russia
Vladimir Makarov
Russia
For citation:
Dovgalyuk P., Makarov V. When does stack protection in compilers fail? Proceedings of the Institute for System Programming of the RAS. 2016;28(5):55-72. https://doi.org/10.15514/ISPRAS-2016-28(5)-3
For citation:
Dovgalyuk P., Makarov V. When stack protection does not protect the stack? Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2016;28(5):55-72. https://doi.org/10.15514/ISPRAS-2016-28(5)-3