摘要
详细讨论和分析了由于 C/C+ +语言不进行数组和指针的边界越界检查造成缓冲区、堆栈溢出的原理、要素、以及对系统造成的危害 .对“禁用栈执行、使用安全 C库支持、编译器技术”当前最新的几种防御技术进行了讨论 ,并给出了部分具体的实例程序源代码 .
The paper discusses and analyzes the principle,main factors of stack and array overflow and its harm to the system resulted from that the C/C^(++) do not check whether the array and pointer boundary overflow. Some latest defense techniques such as the prevention of using stack, and using safety C to support and compiler techniques are discussed. Some specific program codes are given as examples.
出处
《佳木斯大学学报(自然科学版)》
CAS
2003年第4期397-401,共5页
Journal of Jiamusi University:Natural Science Edition