当前位置:网站首页>buffer overflow protection
buffer overflow protection
2022-07-07 14:49:00 【fpcc】
One 、 Memory safety
c/c++ One of the key issues criticized by satiety is the security of memory , A typical example is memory out of bounds . stay c/c++ in , It does not check memory out of bounds , Like an array , The programmer can still use the pointer that has crossed its bounds . But once used up, release , The program will crash fall . out of buffer (buffer overflow), It is aimed at program design flaws or application defects of the language itself , Write data that can overflow the buffer to the data buffer of the program ( That is, the memory mentioned above is out of bounds ), Cause the program to run abnormally, so as to obtain the control of the program and even the system .
Have you noticed OpenSSL Provided in SM2 Buffer overflow vulnerability in the algorithm , This vulnerability can allow illegal users to get more data, leading to program denial of service or change the behavior of the program . If you are interested, you can search online . Not only the buffer vulnerability of this software , Historically , Basically, all well-known software has encountered this security problem more or less , On some white hat forums , These questions are often raised .
Memory problems , As a result, the security problems of the whole program emerge in endlessly , As big as Microsoft 、 Google and other large companies , As small as some individual developers , Failure of memory management , This kind of memory security problem is often caused or triggered . Generally speaking , Memory is the buffer to put data , So the memory security problem is also called buffer overflow problem .
Two 、 Buffer overflow protection
that , Since buffer overflow is so important , This has become an important issue of computer security . Generally speaking , Computer memory is divided into heap and stack ( Registers and the like are not considered for the time being ). The buffer security of the program can be protected from the level of software writing 、 Compilation level 、 Protection at the operation level ; At the operational level, it can be divided into OS The protection of the system and the protection of the application itself .
1、 Language level security control
a、 When writing a program , Pay attention to checking and controlling the length of the array 、 Pointer size and other boundary control , That is, integrity inspection .
b、 Use some safe libraries to replace the original arrays and pointers .
c、 Add security control code .
d、 Use the memory static checking tool
2、 Compile level security control
a、 Use development tools that support compile time memory checking, such as visual studio, Yes by default GS Options ,GCC A similar mechanism is provided .
b、 Boundary check during compilation .
c、 Stack mark control , Used to manage the location in memory .
d、 Use the runtime memory detection tool .
3、 Security control during operation
a、 Preventive memory security control in operating system , Such as accessing illegal addresses .
b、 Security check of memory and data , Including cross-border management .
c、 Sandbox hosting operation .
Here we talk about adding marker bits in memory to control buffer overflow , There are generally three ways , One is to add the ending character , such as C/C++ Medium \0 character ; One is to randomly distribute some control characters in memory, such as canary ; Finally, do XOR .
3、 ... and 、 application
In practical applications ,GNU Compiler Collection、LLVM、Microsoft Visual Studio also Intel、IBM And other compilers support security checks at compile time . Of course, there are static tools that can check memory problems during the coding phase, such as Lint etc. , In the run-time, the general operating system provides memory security control , For example, set some symbolic checks on the stack space , Protect the stack from being overwritten . stay Linux On , There are similar behaviors called canary.
and StackGhost It is to protect from the level of hardware , This is relatively rare . So let's see Linux How to check memory security in :
1、CANNARY( Stack protection )
gcc stay 4.2 Version with -fstack-protector and -fstack-protector-all Compile parameters to support stack protection ,4.9 Added -fstack-protector-strong Compiling parameters makes the scope of protection wider .
2、FORTIFY
Using parameter -U_FORTIFY_SOURCE Compile to protect buffer overflow .
3、NX(DEP)
Default on , In case of overflow , Automatically throw an exception , Instead of executing .
4、PIE(ASLR)
Memory address randomization mechanism (address space layout randomization), It is divided into images 、 Stack and PEB And TEB Randomize three .
5、RELRO
Set the symbol redirection table to read-only or parse and bind all dynamic symbols when the program starts , So as to reduce the right to GOT(Global Offset Table) attack .GOT You can take a look at the loading related content of the dynamic library .
Four 、 summary
Here's an explanation , This article will not teach you how to do buffer overflow, let alone how to attack , That's illegal . If anyone wants to learn safety knowledge , You can go to see snow and other safe websites to learn . This article focuses on how to protect the security of memory . Now the problem of computer security has risen to the national level , There is a vague shadow of hackers behind the war between Russia and Ukraine . The program is big , More people are involved in programming , People's programming level and ability are uneven, as well as their awareness and attention to security issues , All determine the overall safety of the program . Buffer overflow is a security problem that comes with the emergence of computers , It is almost essential , Speaking of this , Just remind me , A good programmer , You must have a deep understanding of the memory model of the language , Operating system memory management mechanism and program compilation and operation mechanism, etc . It can be said that there is one unexpected , It means that problems may occur , It depends on the price .
A thousand Li dike , Collapse in ant nest ! It's not alarmist .
边栏推荐
- 「2022年7月」WuKong编辑器更版记录
- 云上“视界” 创新无限 | 2022阿里云直播峰会正式上线
- What is cloud primordial? This time, I can finally understand!
- Navigation - are you sure you want to take a look at such an easy-to-use navigation framework?
- Zhiting doesn't use home assistant to connect Xiaomi smart home to homekit
- Because the employee set the password to "123456", amd stolen 450gb data?
- 2022pagc Golden Sail award | rongyun won the "outstanding product technology service provider of the year"
- Base64 encoding
- Es log error appreciation -maximum shards open
- 一文读懂数仓中的pg_stat
猜你喜欢
Navigation — 这么好用的导航框架你确定不来看看?
LeetCode每日一题(636. Exclusive Time of Functions)
Equipment failure prediction machine failure early warning mechanical equipment vibration monitoring machine failure early warning CNC vibration wireless monitoring equipment abnormal early warning
多商戶商城系統功能拆解01講-產品架構
时空可变形卷积用于压缩视频质量增强(STDF)
Introduction and use of Kitti dataset
JSON解析实例(Qt含源码)
Stm32cubemx, 68 sets of components, following 10 open source protocols
Simple use of websocket
用于增强压缩视频质量的可变形卷积密集网络
随机推荐
Demis Hassabis谈AlphaFold未来目标
What is cloud primordial? This time, I can finally understand!
电脑Win7系统桌面图标太大怎么调小
PyTorch模型训练实战技巧,突破速度瓶颈
2022pagc Golden Sail award | rongyun won the "outstanding product technology service provider of the year"
用于增强压缩视频质量的可变形卷积密集网络
Reading and understanding of eventbus source code
Half an hour of hands-on practice of "live broadcast Lianmai construction", college students' resume of technical posts plus points get!
leetcode:648. Word replacement [dictionary tree board + find the shortest matching prefix among several prefixes]
MicTR01 Tester 振弦采集模塊開發套件使用說明
比尔·盖茨晒48年前简历:“没你们的好看”
Ffmpeg --- image processing
PLC:自动纠正数据集噪声,来洗洗数据集吧 | ICLR 2021 Spotlight
2022 cloud consulting technology series high availability special sharing meeting
关于后台动态模板添加内容的总结 Builder使用
Mrs offline data analysis: process OBS data through Flink job
Mmkv use and principle
Oracle Linux 9.0 officially released
Several ways of JS jump link
AWS学习笔记(三)