Top > Security > Internet > libsafe

libsafe - Detects and handles buffer overflow attacks

The exploitation of buffer overflow and format string vulnerabilities in process stacks are a significant portion of security attacks. 'libsafe' is based on a middleware software layer that intercepts all function calls made to library functions known to be vulnerable. A substitute version of the corresponding function implements the original function in a way that ensures that any buffer overflows are contained within the current stack frame, which prevents attackers from overwriting the return address and hijacking the control flow of a running program.

The true benefit of using libsafe is protection against future attacks on programs not yet known to be vulnerable. The performance overhead of libsafe is negligible, it does not require changes to the OS, it works with existing binary programs, and it does not need access to the source code of defective programs, or recompilation or off-line processing of binaries.

Obtaining

Web pagehttp://www.research.avayalabs.com/project/libsafe/
Source tarball http://www.research.avayalabs.com/project/libsafe/src/libsafe-2.0-16.tgz
Version 2.0 (stable) released on 2001-03-21
Licensed under LGPL.
This is not a GNU package.

Support contacts

Help List<libsafe@research.avayalabs.com>
Developer List<libsafe@research.avayalabs.com>

Project contacts

Maintainers
Developers

Related information

Interfaceslibrary
Source languagesC

Entry information

License verified byJanet Casey <jcasey@gnu.org> on 2001-07-11
Entry compiled byJanet Casey <jcasey@gnu.org>

Categories



The copyright licensing notice below applies to this text. The software described in this text has its own copyright notice and license, which can usually be found in the distribution itself.

Copyright © 2000, 2001, 2002, 2003 Free Software Foundation, Inc.

Permission is granted to copy, distribute, and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of this license is included in the file COPYING.DOC.

Please report any problems in this page to bug-directory@gnu.org, or find out how you can help fix them.

The FSF provides this directory as a service to the free software community. Please consider donating to the FSF to help support this project.