Re: Stack growth direction to thwart buffer overflow attacks

From: Frank Cusack (fcusack_at_fcusack.com)
Date: 08/19/03


Date: Tue, 19 Aug 2003 10:11:31 -0700

On Tue, 19 Aug 2003 09:27:43 -0700 Frank Cusack <fcusack@fcusack.com> wrote:
> On Tue, 19 Aug 2003 15:42:34 +0000 (UTC) phn@icke-reklam.ipsec.nu wrote:
>> Well, selecting your vendor is an art. No one forces you to use
>> obsolete vendors' faulty implementations.
>
> That's not the right attitude if you care about thwarting buffer overflow
> attacks. (Isn't that how this thread started?) You have to write code
> defensively. People WILL use your code where you don't expect it.

Also, both Solaris and GNU/glibc have faulty implementations of strncat().
They are not obsolete vendors.

/fc