Hi, On Fri, 25 Nov 2016, Ola Lundqvist wrote: > Thank you for the information that it is glibc that "protect". Do we know > that glibc in wheezy do this or is this a more recent thing?
AFAIK glibc does not "protect", it adds canaries to detect when it happens, but it cannot avoid them. And it detects them possibly way later when memory is freed (unless the overrun is done by glibc functions I guess). https://security.stackexchange.com/questions/64182/does-glibc-use-canary-checking-to-prevent-heap-buffer-overflow But it's hard to find any official documentation about what glibc really does. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/