摘要
通过对缓冲区溢出攻击原理的研究和分析,讨论了C/C++源程序缓冲区溢出的常见表现,并分析了其原因和产生机理,提出了一种基于安全分离控制和数据信息的双栈结构的C编译器模型,其好处是无论数据栈如何溢出,控制线都不受影响,缺点是该法一样不能防御所有的缓冲溢出攻击。
This paper studies and analyzes the principle of buffer overflow, and presents the familiar representation of buffer overflow in C/C++ source code, and makes an analysis to the vulnerabilities characteristics and how they work. At last the C complier model of double stack is proposed,in which the control stack will not been affected by the data stack overflow but it could do nothing for buffer overflow.
出处
《电脑开发与应用》
2005年第9期46-47,49,共3页
Computer Development & Applications
关键词
缓冲区溢出
堆栈溢出
栈帧
C编译器
双栈结构
buffer overflow, stack overflow, stack frame, C complier, double stack structure