Analysis And Precautionary Measures Of Buffer Overflow Attacking

Posted on: 2008-11-06 | Degree: Master | Type: Thesis
Country: China | Candidate: R W Wang
GTID: 2178360212996767 | Subject: System architecture
Abstract/Summary:
With the development of the Internet, web applications have grown rapidly. The web provides great convenience, but it also exposes networked computers to more attacks, and network security has become the most important issue to consider for all kinds of online activity.

Buffer overflow attacks have been causing serious security problems in recent years. Many buffer overflow exploit codes exist today. Early exploit codes only spawned a shell, but some current ones have more advanced features, for example passing through filtering, opening a socket, and breaking chroot. The resulting harm is hard to estimate.

Because of their flexibility, C/C++ pointers usually allow data to be written to arbitrary positions in memory without any check, which may lead to buffer overflow and unexpected results. Moreover, the C language itself has many dangerous APIs, and even when a programmer always tries to write correct code it is very difficult to deal with buffer overflow. Buffer overflow can easily lead to accidents. More importantly, C/C++ is used very widely and the amount of existing code is huge, so the work of inspecting and modifying it is daunting. Buffer overflow is the most common security hole used as a means of attack, and the bad habits of C programmers can easily lead to it.

Common buffer overflows can be divided into the following categories: stack overflow, heap overflow, array indexing errors, format string bugs, and mismatches between Unicode and ANSI buffer sizes. Stack overflow is relatively simple: it is achieved by overflowing a static buffer, and once a pointer has been overflowed to the position the attacker wants, the purpose of the attack is achieved. Heap overflow concerns space allocated on the heap by malloc() or the new operator; when data access exceeds the size of the requested space, a heap overflow results. Array indexing errors are now rare and mainly exist on 32-bit operating systems. There, 0x100000000 and 0x00000000 are the same value, so an array index can resolve to an address lower than the base address, causing an array indexing error. Mismatched Unicode and ANSI buffer sizes are more common on Windows systems. In general, the size of a Unicode buffer is counted in wide characters, so the number of characters is not equal to the size of the buffer in bytes. If the buffer size is calculated as though each character were a single byte, a buffer overflow occurs.

To prevent the different types of buffer overflow, the paper presents the following prevention strategies. First, write correct code: for programmers, writing efficient, high-quality code is a minimum requirement. Second, for buffer overflows aimed at function pointers, use a detection-based defense: before a function returns, the method first checks whether the pointer has been modified. Third, for stack overflow, protect the stack through stack integrity protection, a non-executable stack, buffer locking protection, or making the stack grow toward higher addresses; this approach has been applied in some systems. Fourth, for the common, potentially dangerous APIs that the C language provides, the paper gives solutions such as the STL (Standard Template Library) and array bounds checking. Fifth, apply certain policies, including closing unnecessary privileged programs, not exposing unneeded version information to remote access, and installing system patches in time. Sixth, provide user assistance that guides users to use the software correctly. Finally, enlist third-party tools, such as source code scanning tools, to examine potential vulnerabilities in the code. Scanning can be an effective method of calling out code that may lead to buffer overflow.

Finally, from the programmer's point of view, the paper designs a rule-based static source code vulnerability scanning tool for C/C++. The main program is written in standard C so that it can be used on multiple platforms, and the interface is wrapped with MFC for good interactive operation. The tool uses XML technology, currently popular in industry, together with a matching algorithm, and can be used as a separate component in an SOA (service-oriented architecture).

The program first reads the rules XML stream, parses the rule nodes, and stores the relevant information in a list to form the scanning rules. The input can be a single source file or, through directory matching, a batch of files, which gives users a wide range of choices. The program then scans the source code word by word and uses the matching algorithm to obtain the function names and parameter sequences in the source. Using the rules, it then tests each function in the source for a potential security vulnerability; if one exists, it issues the related warning and makes appropriate recommendations. Finally, the functions with security vulnerabilities are compiled into a list, and a security report is submitted to the user in the form of a document.

The rules are supplied through external XML documents, which makes the vulnerability scanning software highly extensible: users can draw on their own experience to modify the rules. Flexible, efficient, and convenient vulnerability scanning is the biggest feature of the tool. However, its ability to detect vulnerabilities is limited by its analysis, which is not entirely reliable: it may treat a safe use as a potential vulnerability, and it may treat a function with a security vulnerability as a normal function. Overall, programmers can use this program as an effective software development assistant.
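A minimal sketch of the rule-based scan described in the abstract, added here as an illustration and not taken from the thesis: the rule table is hard-coded instead of being loaded from XML, and `scan_source`, `RULES` and the sample input are constructed for this example. The sample also reproduces the limitation the abstract names, with one safe call flagged and one unchecked copy loop missed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed rules; the thesis tool reads its rules from external XML. */
struct rule { const char *func, *advice; };
static const struct rule RULES[] = {
    { "strcpy",  "no length check; use a bounded copy" },
    { "gets",    "input length cannot be limited; use fgets" },
    { "sprintf", "unbounded output; use snprintf" },
};
#define NRULES (sizeof RULES / sizeof RULES[0])
struct finding { int line; const struct rule *rule; };

/* Constructed input to scan (source line numbers in trailing comments). */
static const char SAMPLE[] =
    "void f(const char *in) {\n"              /* 1 */
    "    char buf[16], name[8] = \"abc\";\n"  /* 2 */
    "    strcpy(buf, name);\n"                /* 3: safe, but flagged */
    "    strcpy(buf, in);\n"                  /* 4: real risk, flagged */
    "    for (int i = 0; in[i]; i++)\n"       /* 5 */
    "        buf[i] = in[i];\n"               /* 6: overflow, missed */
    "}\n";

/* Scan token by token; record calls whose name matches a rule (at most max). */
size_t scan_source(const char *src, struct finding *out, size_t max)
{
    size_t n = 0;
    int line = 1;
    for (const char *p = src; *p; ) {
        if (*p == '\n') line++;
        if (!isalpha((unsigned char)*p) && *p != '_') { p++; continue; }
        const char *start = p;                /* start of an identifier */
        while (isalnum((unsigned char)*p) || *p == '_') p++;
        size_t len = (size_t)(p - start);
        while (*p == ' ' || *p == '\t') p++;
        if (*p != '(') continue;              /* identifier is not a call */
        for (size_t i = 0; i < NRULES && n < max; i++)
            if (strlen(RULES[i].func) == len && !strncmp(start, RULES[i].func, len))
                out[n++] = (struct finding){ line, &RULES[i] };
    }
    return n;
}

int main(void)
{
    struct finding f[8];
    size_t n = scan_source(SAMPLE, f, 8);
    for (size_t i = 0; i < n; i++)
        printf("line %d: %s(): %s\n", f[i].line, f[i].rule->func, f[i].rule->advice);
}
```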
Keywords/Search Tags:Precautionary