Hi, all:
The Visual Studio compiler has a cool option, /GS,
which can detect some buffer overruns that overwrite the return address —
a common technique for exploiting code that does not enforce buffer size
restrictions. It sets up a canary between the local variables on the stack and
the EBP/return address. So if such a buffer overrun occurs, an OS exception
will be thrown, which prevents malicious people from making use of it.
And I would like to know whether there is a similar option in GCC. :)
Good luck!
--
Leo Li
China Software Development Lab, IBM
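
The canary check described in the message above, as a small model in C. This is an added example, not part of the original post and not a real compiler's frame layout; `struct frame`, `CANARY_VALUE` and `run_frame` are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated stack frame (constructed model): the local buffer sits below
 * the canary, which guards the saved EBP and the return address. */
struct frame {
    char      buf[16];    /* local buffer */
    uintptr_t canary;     /* guard value written at function entry */
    uintptr_t saved_ebp;
    uintptr_t ret_addr;
};

/* Constructed constant; assumption: a real canary is an unpredictable value. */
#define CANARY_VALUE ((uintptr_t)0x5AFEC0DEu)

/* Copies len bytes into the frame starting at buf with no check against
 * sizeof buf, like an unchecked copy into a local. The write is clamped to
 * the model frame so the demo itself stays memory-safe.
 * Returns 0 if the canary is intact at "function exit", 1 if an overrun
 * was detected; *ret_out receives the return address as it stands then. */
int run_frame(const unsigned char *input, size_t len, uintptr_t *ret_out)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    f.canary    = CANARY_VALUE;
    f.saved_ebp = 0x1000;
    f.ret_addr  = 0x2000;

    if (len > sizeof f)
        len = sizeof f;
    memcpy((unsigned char *)&f, input, len);  /* linear write upward from buf */

    *ret_out = f.ret_addr;
    return f.canary != CANARY_VALUE;  /* epilogue check, before ret_addr is used */
}

int main(void)
{
    unsigned char in[sizeof(struct frame)];
    uintptr_t ret;
    memset(in, 'A', sizeof in);

    int fits = run_frame(in, 16, &ret);         /* exactly fills buf */
    printf("16 bytes:   detected=%d ret=%#lx\n", fits, (unsigned long)ret);
    int over = run_frame(in, sizeof in, &ret);  /* runs through ret_addr */
    printf("full frame: detected=%d ret=%#lx\n", over, (unsigned long)ret);
    return 0;
}
```

A linear overrun has to pass through the canary before it reaches the saved EBP or the return address, so the check at exit sees the change before the corrupted return address is used.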