Audit with Tools: Regularly check software for vulnerabilities using automated tools.
Rewrite in Safe Language: If possible, rewrite software in a safer programming language.
Concede Overflow: Allow overflow but prevent code execution.
d. Runtime Code for Detection:
– Halt Process: Stop the program if an overflow exploit is detected.
– StackGuard: Implement a protective measure against stack-based attacks.
2. Marking Memory as Non-Executable:
Prevent attackers from executing injected code by marking the stack and heap as non-executable.
Run-time Defense:
1. Stack Integrity Testing:
Regularly check if the stack is intact.
2. Canaries (Random and Terminator):
Random Canaries:
Generate a random string at program startup.
Insert this string into every stack frame.
Check the canary’s integrity before returning from a function.
Changing the canary results in program termination, turning potential exploits into a Denial of Service (DoS).
To corrupt the stack without detection, an attacker must learn the current random string.
Terminator Canaries:
The canary is built from terminator characters, so string functions will not copy beyond it.
This prevents attackers from using string functions to corrupt the stack.
3. Heap Protection:
Encrypt function pointers and setjmp buffers in the heap to protect against attacks.
Note: This may have noticeable performance effects.
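Added example (not part of the original notes): a simulation of one stack frame in a byte array, showing the canary check before return and why a terminator canary stops a string copy before it reaches the saved return address. The frame layout, SAVED_RET, the canary byte order and the sample inputs are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated frame (constructed layout): [buf 8][canary 4][saved return 4]. */
enum { BUF = 8, CAN = 4, RET = 4, FRAME = BUF + CAN + RET };
#define SAVED_RET 0x08049000u              /* constructed return address */
/* Terminator canary: NUL, CR, LF, 0xFF. */
static const unsigned char TERM[CAN] = {0x00, 0x0d, 0x0a, 0xff};
/* Constructed inputs: a 15-byte string, and buf filler + canary + new return. */
static const unsigned char LONG_STR[] = "AAAAAAAAAAAAAAA";
static const unsigned char REPLAY[] = {'A','A','A','A','A','A','A','A',
    0x00, 0x0d, 0x0a, 0xff, 0xef, 0xbe, 0xad, 0xde, 0x00};
/* Random canary, chosen once at program startup. Returns 0 on success. */
static int random_canary(unsigned char out[CAN]) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(out, 1, CAN, f);
    fclose(f);
    return n == CAN ? 0 : -1;
}

/* Unbounded strcpy-style copy into buf. Clamped to FRAME only so that the
   simulation never writes outside its own array. */
static void unsafe_strcpy(unsigned char *fr, const unsigned char *src) {
    size_t i = 0;
    for (; i < FRAME - 1 && src[i] != '\0'; i++) fr[i] = src[i];
    fr[i] = '\0';
}

/* Prologue, copy, epilogue check. Bit 0: canary intact (function may return).
   Bit 1: saved return address unchanged. Real code halts when bit 0 is clear. */
static int run_case(const unsigned char *canary, const unsigned char *input) {
    unsigned char fr[FRAME] = {0};
    uint32_t ret = SAVED_RET, now;
    memcpy(fr + BUF, canary, CAN);              /* prologue inserts canary */
    memcpy(fr + BUF + CAN, &ret, RET);
    unsafe_strcpy(fr, input);
    memcpy(&now, fr + BUF + CAN, RET);
    return (memcmp(fr + BUF, canary, CAN) == 0) | ((now == ret) << 1);
}

int main(void) {
    unsigned char rnd[CAN];
    if (random_canary(rnd) != 0) return 1;
    printf("random canary, long string: %d\n", run_case(rnd, LONG_STR));
    printf("terminator canary, replay:  %d\n", run_case(TERM, REPLAY));
    return 0;
}
```

A result of 0 means the overrun changed both the canary and the return slot, so the epilogue check fails and the process halts; a result of 3 means the copy stopped at the canary's NUL byte and nothing past the buffer changed.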