
Countermeasures Against Buffer Overflow Attacks

Advisor: 黃士殷

Abstract


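"There is no such thing as a bug-free program." This is probably one of the mottoes of the vast majority of software developers, especially for large applications. Almost all software is developed with a "try-and-fix" methodology: small pieces of code are written, tested, patched, and tested again; these pieces are then combined into modules, which are in turn tested, patched, and patched again; in the same way, small modules are combined into larger ones. The end result is often that bugs remain in the system.

Among the many kinds of bugs, buffer overflow is one of the most common and most serious; it can cause unauthorized code to be executed by the system with special privileges, thereby violating the security policy of the entire system. Broadly speaking, buffer overflow refers to any illegal memory access in a process's heap, BSS (Block Start by Symbol), or stack that results from insufficient bounds checking. However, earlier research on buffer overflow detection and prevention mechanisms, such as Libsafe, StackGuard, and Non-executable Stack, has mostly been confined to buffer overflows that occur on the stack, and the only variable protected is the function return address. Against newer attack techniques such as heap/BSS-based overflow, the protection these mechanisms provide in practice remains quite limited.

This thesis aims to improve on the canary word technique used by StackGuard and to strengthen protection against the shortcomings of most detection and prevention mechanisms, in the hope of achieving the best balance among security, convenience, and execution efficiency, and thus a more secure execution environment for applications.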

Parallel Abstract


"There is no bug-free program." This should be one of the mottoes of most application developers, especially for large applications. Almost all software is developed using a "try-and-fix" methodology: first, small code pieces are implemented, tested, fixed, and tested again. Then these small pieces are combined into a module, and this module is tested, fixed, and tested again. Small modules are then combined into larger modules, and so on. The end result is that bugs always exist in the system.

Buffer overflow should be one of the most common and serious of these bugs. It can result in unauthorized code being executed by the system in a special privilege mode, so that the system security policy is violated completely. Generally speaking, buffer overflow is a kind of memory access violation that happens in the process heap, BSS (Block Start by Symbol), or stack due to improper boundary checking in the programming language. However, most past research on buffer overflow detection and prevention techniques focused on stack-based buffer overflow. Moreover, the protection scope was limited to the function return address. These mechanisms are weak against some newly developed attack techniques such as heap/BSS-based buffer overflow.

In this paper, we propose a new system based on the canary word technique, which is used by StackGuard, to address the weaknesses mentioned above.

Parallel Keywords

stack smashing; StackGuard; buffer overflow

