SSP: stack-smashing-protector, can be used to detect stack corruption. CFLAGS+= -fstack-protector
MUDFLAP: otherthan SSP, but can also used to detect heap corruption, but it need also link to libmudflap. CFLAGS+=-fmudflap, LDFLAGS+=-lmudflap
_FORTIFY_SOURCE: Can be used to simple buffer overflow in gets/memcpy/strcpy/... CFLAGS+=-D_FORTIFY_SOURCE
Please see attachment for details. There is a bug in local.c, SSP/_FORTIFY_SOURCE can't detect it since the corruption is in heap area not in stack area. Bug is fixed by local.diff.
ssp-mudflap-test.tar.xz.zip (please remove the .zip extension)
阅读(1236) | 评论(0) | 转发(0) |
