Detecting Buffer Overflows
There are a number of tools designed to check for the possibility of buffer overflows, both in source code and in running services.
One of the most widely used tools for checking C code is a utility called
"Lint". While Lint does not actually check for buffer overflows, it does
check for poor programming practices (e.g. using the C gets() function
instead of fgets()) that can lead to buffer overflows.
Tools do exist, however, that are designed to check C source code
specifically for potential buffer overflows. One tool of this type is called
pscan. While pscan does not check all potential buffer overflows
exhaustively, it does check for known problems with functions such as
sprintf().
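To show the kind of check Lint and pscan perform, here is an added example (my own illustration, not code from Lint, pscan, or the original post): a small line-based checker that flags calls to gets(), sprintf(), strcpy() and strcat() in constructed sample source lines and suggests the bounded alternative for each. The sample lines, the risky-call table and the function names are assumptions for the demonstration; a real tool parses the code properly, whereas this one only looks at one line at a time and would miss calls split across lines, hidden behind macros, or mentioned inside comments and strings.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed table of calls a lint-style check would flag, with the safer
   alternative to suggest. The suggestions are assumptions for this example. */
struct risky_call {
    const char *name;
    const char *safer;
};

static const struct risky_call RISKY[] = {
    { "gets",    "fgets() with an explicit buffer size" },
    { "sprintf", "snprintf() with an explicit buffer size" },
    { "strcpy",  "an explicit length check before copying" },
    { "strcat",  "an explicit length check before appending" },
};

/* Returns 1 if `name` starts at line[pos], is a whole identifier (so "fgets("
   or "my_gets(" never matches "gets"), and is followed by '(' after optional
   whitespace, i.e. it looks like a call rather than a mention. */
static int is_call_at(const char *line, size_t pos, const char *name)
{
    size_t n = strlen(name);
    if (strncmp(line + pos, name, n) != 0)
        return 0;
    if (pos > 0) {
        unsigned char prev = (unsigned char)line[pos - 1];
        if (isalnum(prev) || prev == '_')
            return 0;
    }
    const char *q = line + pos + n;
    while (*q == ' ' || *q == '\t')
        q++;
    return *q == '(';
}

/* Scans one source line. Returns the name of the first risky call found
   (and stores the suggested replacement in *safer if safer is non-NULL),
   or NULL if the line is clean. */
const char *find_risky_call(const char *line, const char **safer)
{
    for (size_t i = 0; i < sizeof RISKY / sizeof RISKY[0]; i++) {
        for (size_t pos = 0; line[pos] != '\0'; pos++) {
            if (line[pos] == RISKY[i].name[0] && is_call_at(line, pos, RISKY[i].name)) {
                if (safer)
                    *safer = RISKY[i].safer;
                return RISKY[i].name;
            }
        }
    }
    return NULL;
}

/* Runs the check over an array of source lines, printing each finding with
   its 1-based line number, and returns the number of findings. */
int scan_source(const char *const *lines, size_t count)
{
    int findings = 0;
    for (size_t i = 0; i < count; i++) {
        const char *safer = NULL;
        const char *hit = find_risky_call(lines[i], &safer);
        if (hit) {
            printf("line %zu: call to %s() -- consider %s\n", i + 1, hit, safer);
            findings++;
        }
    }
    return findings;
}

/* Constructed sample: three lines use unbounded calls, the rest are bounded
   or only look similar (fgets, snprintf, my_gets) and must not be flagged. */
static const char *const SAMPLE[] = {
    "char buf[64];",
    "gets(buf);",
    "fgets(buf, sizeof buf, stdin);",
    "sprintf(out, \"%s\", name);",
    "snprintf(out, sizeof out, \"%s\", name);",
    "strcpy(dst, src);",
    "my_gets(buf);",
};

/* Convenience wrapper so the sample scan result can be checked directly. */
int scan_sample(void)
{
    return scan_source(SAMPLE, sizeof SAMPLE / sizeof SAMPLE[0]);
}

int main(void)
{
    int n = scan_sample();
    printf("%d risky call(s) found\n", n);  /* prints 3 for the sample above */
    return 0;
}
```

The whole-identifier check is the part worth copying into any quick grep-style audit: a naive search for `gets(` also matches every `fgets(` in the tree and buries the real findings in noise.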
As with checking for application errors, automated tools are very
useful when checking for buffer overflow situations, in that they can
help to cut out some of the drudgery from what is quite often a
laborious task. However, they should never be used as a substitute for
checking for vulnerabilities by hand.