overflows
References: <[EMAIL PROTECTED]>
In-Reply-To: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: Secured by aspStation
Sender: [EMAIL PROTECTED]
Precedence: bulk
Mailing-List: contact <[EMAIL PROTECTED]> ; run by MajorDomo
List-Id: Secure Coding Mailing List <sc-l.securecoding.org>
List-Post: <mailto:[EMAIL PROTECTED]>
List-Subscribe: <http://www.securecoding.org/list/>
List-Unsubscribe: <http://www.securecoding.org/list/>
List-Help: <http://www.securecoding.org/list/charter.php>
List-Archive: <http://lists.virus.org>
Delivered-To: mailing list [EMAIL PROTECTED]
Delivered-To: moderator for [EMAIL PROTECTED]

Gary McGraw wrote:
> The company was once called araksha.  Their technology is good (think
compiler
optimization foo) but not a silver bullet.  Many of the problems and
issues with
this approach can be found in a paper published a couple of years ago at
usenix
security.  Google for it through the MIT profs name.

[...snip...]

If they can add a bit of processing at return instructions to check that
the return address has a routine call right ahead of it, they will have
large coverage. Possibly large overhead too, though.

Reply via email to