
Does anyone know of any C++ security frameworks which protect against buffer overflows, format string bugs and integer overflows please?

Matthew
  • Good, but the question is, is it possible? – masoud Mar 12 '13 at 19:20
  • @MM I don't know if it is possible. My dissertation supervisor told me to develop two security frameworks: one for the web and one for C++. I found plenty of frameworks for the web, however it seems that there aren't a lot for C++ – Matthew Mar 12 '13 at 19:22
  • You can't really get 100% protection from those. There are tools like StackGuard, which uses canary values to detect stack overflows (heap overflows are a different matter), and StackShield, but they're both subvertable. This might be a good place to start -- http://en.wikipedia.org/wiki/Buffer_overflow_protection – alrikai Mar 12 '13 at 19:42

1 Answer

That's a standard feature of current Microsoft compilers, except for the format string bugs. Those aren't really C++ bugs but C bugs. C++ formatting solutions are generally typesafe.

MSalters
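An added example, not part of the question or the answer above: library-level guards for the three bug classes the question names, written in standard C++ so they do not depend on any compiler's checks. All function names here are hypothetical.

```cpp
#include <array>
#include <cstddef>
#include <iostream>
#include <limits>
#include <sstream>
#include <string>

// Integer overflow: test the operands first, because signed overflow is undefined behaviour.
bool checked_add(int a, int b, int& out) {
    if (b > 0 && a > std::numeric_limits<int>::max() - b) return false;
    if (b < 0 && a < std::numeric_limits<int>::min() - b) return false;
    out = a + b;
    return true;
}

// Allocation-size arithmetic (count * elem_size) that refuses to wrap around.
bool checked_mul(std::size_t count, std::size_t elem, std::size_t& out) {
    if (elem != 0 && count > std::numeric_limits<std::size_t>::max() / elem) return false;
    out = count * elem;
    return true;
}

// Buffer overflow: copy into a fixed buffer only if the input and its terminator fit.
template <std::size_t N>
bool bounded_copy(std::array<char, N>& dst, const std::string& src) {
    if (src.size() >= N) return false;
    std::size_t i = 0;
    for (char c : src) dst.at(i++) = c;  // at() is bounds-checked as a second line of defence
    dst.at(i) = '\0';
    return true;
}

// Format string: untrusted text is streamed as data, never interpreted as a format.
std::string format_login(const std::string& user, int attempts) {
    std::ostringstream out;
    out << "user=" << user << " attempts=" << attempts;
    return out.str();
}

int main() {
    int sum = 0;
    std::array<char, 8> buf{};
    // Constructed inputs: an overflowing add, an oversized string, printf-style specifiers.
    std::cout << "add ok: " << checked_add(std::numeric_limits<int>::max(), 1, sum) << '\n';
    std::cout << "copy ok: " << bounded_copy(buf, std::string(16, 'A')) << '\n';
    std::cout << format_login("%n%s%x", 3) << '\n';
}
```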