| 基于Libsafe的缓冲区溢出防范技术的研究 |
| |
| 引用本文: | 潘大庆,覃纪武.基于Libsafe的缓冲区溢出防范技术的研究[J].数字社区&智能家居,2006(20). |
| |
| 作者姓名: | 潘大庆 覃纪武 |
| |
| 作者单位: | 柳州市委党校 广西柳州545006(潘大庆),柳州职业技术学院 广西柳州545006(覃纪武) |
| |
| 摘 要: | 缓冲区溢出漏洞问题是一种常见的程序漏洞,在所有的操作系统中平台上或多或少都存在着这样漏洞,文章首先介绍缓冲区漏洞的主要原因和常用的防范措施,然后深入讨论一种基于Libsafe的格式化串漏洞的防范和堆栈溢出防范技术的实现原理和方法。该方法容易实现,配置简单,只要配置LD_PRELOAD环境变量,操作系统就可以调用,不会给系统带来额外的负担,不需要重新编译已经存在的应用程序,可以防范很多未知的缓冲区溢出漏洞。
|
| 关 键 词: | 缓冲区溢出 libsafe 格式化串 堆栈 strcpy strcat |
Research of Anti-buffer Overflow Based on Libsafe |
| |
| PAN Da-qing,QIN Ji-wu.Research of Anti-buffer Overflow Based on Libsafe[J].Digital Community & Smart Home,2006(20). |
| |
| Authors: | PAN Da-qing QIN Ji-wu |
| |
| Affiliation: | PAN Da-qing1,QIN Ji-wu2 |
| |
| Abstract: | Buffer overflow is a kind phenomenon that we offen meet in many computer operating system.In this paper reason and anti-measures of buffer overflow were introduced firstly.and than, discuss how to prevent system from buffer overflow by Libsafe format string and stack overflow.compared other anti-buffer overflow this way look more easy to implement and configure. only configure the LD_PRELOAD environment variable the operating system can recall and keep away some buffer overflow unknowed in advance without recompiled the application program. |
| |
| Keywords: | buffer overflow libsafe format string stack strcpy strcat |
| 本文献已被 CNKI 等数据库收录! |
|
