Hardening C/C++ Programs Part II – Executable-Space Protection and ASLR

In the first part of this series we discussed the mechanics of an exploit, the general concept of hardening, and the stack protector hardening technique in particular. Some of the concepts explained there will be used here, too, so you might want to read at least the first few paragraphs. Executable-space protection As mentioned in the first part, exploits often … Read More

Hardening C/C++ Programs Part I – Stack Protector

When C, C++ and the Internet were conceived, they were mostly used by academics. Attacks on computer systems were rare, since there was not much incentive to it, so there did not have to be a focus on security and robustness. Nowadays these designs haunt us: The past two decades have uncovered a lot of security vulnerabilities in C/C++ programs, … Read More