Stackguard Mechanism Defending C Programs Stack Based Buffer Overflows Detects Memory Corr Q43904630
StackGuard is a mechanism for defending C programs againststack-based buffer overflows. It detects memory corruption using acanary, a known value stored in each function’s stack frameimmediately before the return address. Before a function returns,it verifies that its canary value hasn’t changed; if it has, theprogram halts with a security error.
- In some implementations, the canary value is a 64-bit integerthat is randomly generated each time the program run. Why does thisprevent the basic buffer-overflow attack discussed in lecture?
- What are the security drawbacks to choosing the canary value atcompile time instead of at run time? Why do some implementationsuse 0 for the canary anyway?
- No matter how the canary is chosen, StackGuard cannot protectagainst all buffer overflow vulnerabilities. Describe two kinds ofbugs that can corrupt the stack and allow the adversary to takecontrol, even with StackGuard in place.
Expert Answer
Answer to StackGuard is a mechanism for defending C programs against stack-based buffer overflows. It detects memory corruption us…
OR