Re: Stack growth direction to thwart buffer overflow attacks

From: Barry Margolin (barry.margolin_at_level3.com)
Date: 08/15/03


Date: Fri, 15 Aug 2003 16:06:10 GMT

In article <bhi3mc$rgd$1@pegasus.csx.cam.ac.uk>,
Nick Maclaren <nmm1@cus.cam.ac.uk> wrote:
>Firstly, in the case of functions like strcpy, it is NOT much easier
>to provide the correct length than to do your own checking.

Could you explain this? How could writing your own checking code be easier
than just adding one parameter to a function call?

>|> Most buffer overflows can essentially be traced to lazy programming.
>|> There's two solutions to lazy programming: get rid of all the lazy
>|> programmers, or make it easier for them to program safely (so they can
>|> remain lazy and achieve better results). In an ideal world the first
>|> solution would be used, but we don't live in that world. We have to make
>|> do with the programmers available, so the second solution should help.
>
>Yes, it should. But will it?
>
>One of the common causes of problems is that a 'solution' eliminates
>enough of the easy cases so that lazy programmers stop even trying
>to do tackle the problem themselves. In turn, this means that the
>number of nasty cases increases. As it is common for 90% of the
>bugs to be easy, but 90% of the problems to be caused by hard bugs,
>this often REDUCES the overall reliability.

We're talking about programmers who aren't even getting the easy cases
right. If the cost of preventing 100 easy cases is 10 more nasty cases,
that seems like a net win.

-- 
Barry Margolin, barry.margolin@level3.com
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.