Bypassing Clang’s SafeStack for Fun and Profit

Date: 08.01.2020. Author: CISO CLUB. Categories: Information security podcasts and videos

SafeStack, a new compiler feature currently available only in clang[1] and underway for GCC[2], protects return addresses on the stack from being overwritten through memory vulnerabilities. SafeStack (-fsanitize=safe-stack) is intended to replace stack cookies (-fstack-protector). It separates the data and the return addresses on the original stack, putting the former on the unsafe stack and the latter on the safe stack. We investigate the implementation of the safe stack to see if there are still ways to get to it and overwrite the return addresses.

by Aggelos Oikonomopoulos, Benjamin Kollenda, Cristiano Giuffrida, Elias Athanasopoulos, Enes Goktas, Georgios Portokalidis, Herbert Bos, and Robert Gawlik

Full Abstract: https://www.blackhat.com/eu-16/briefings/schedule/#bypassing-clangs-safestack-for-fun-and-profit-4965
