Hacker News new | comments | show | ask | jobs | submit login

Note that enabling stack protection is often not enough to completely mitigate stack smashing attacks if there is a vulnerability in the code.

For example if you can leak the value of the protector somehow, then you can just replace it with its original value when you smash the stack.

Alternatively, it may be possible to brute-force the stack protector value, particularly on 32-bit systems where the protector often only has 24 bits of entropy.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: