PROTECTING FROM FORMAT STRING ATTACKS
- White Papers
- Sources & Tools
- libformat
libformat is a library for the Linux operating system that intercepts calls to, among others, the printf() family of functions in order to prevent format string attacks, in which a possibly malicious user-supplied string is used as the format string. Passing such a string is a programming error, but it has recently been used to break computer security. The library can be used to protect against compromises due to as yet undiscovered vulnerabilities in privileged programs. libformat checks for format strings that contain the %n format specifier and reside in writable parts of a process's address space; if one is found, the process is terminated with the KILL signal.
- Libsafe
The libsafe library protects against buffer overflow and format string attacks. It works by wrapping dangerous functions so that any buffer overflow is contained within the current stack frame and the return address cannot be changed. Libsafe works with any existing pre-compiled executable and can be used transparently, even on a system-wide basis. Changes: ability to handle both buffer overflow and format string attacks, and extension of its protection to all the applications running on a system.
Copyright(c) 2001
HackerProof. All rights reserved.