Talk:Buffer overflow

From Citizendium
Revision as of 09:01, 12 April 2007 by imported>Nick Johnson (→‎More for software)
Jump to navigation Jump to search


Article Checklist for "Buffer overflow"
Workgroup category or categories Computers Workgroup [Editors asked to check categories]
Article status Developing article: beyond a stub, but incomplete
Underlinked article? Yes
Basic cleanup done? Yes
Checklist last edited by --Eric M Gearhart 09:54, 12 April 2007 (CDT)

To learn how to fill out this checklist, please see CZ:The Article Checklist.





Technical explanation not technical

For instance, nothing "marks" stack contents as either program location or data.--Nick Johnson 14:40, 11 April 2007 (CDT)

Why not correct the article then? --Eric M Gearhart 14:51, 11 April 2007 (CDT)

More for software

I plan on doing some research, and then adding these things under the software section:

  • StackGuard and Canary Values as implemented by a compiler
Check --Nick Johnson 09:08, 12 April 2007 (CDT)
  • Memory address randomization
Check --Nick Johnson 09:08, 12 April 2007 (CDT)
  • Separation of privileges
Can't decide if this belongs on this page. It's a generic security safeguard, not specific to buffer overflows --Nick Johnson 10:01, 12 April 2007 (CDT)

--Nick Johnson 08:36, 12 April 2007 (CDT)

More on Hardware/Software

By the way: OpenBSD does something called W^X (write-exclusive-or-execute). I don't really know how it works, but if anyone does, it should be added here. --Nick Johnson 08:37, 12 April 2007 (CDT)

Article growing nicely

This is why I love working on wikis... I've learned as much as I've contributed to this article. Nice job Nick. --Eric M Gearhart 09:54, 12 April 2007 (CDT)

The pleasure is mine. Thank you Eric. --Nick Johnson 10:00, 12 April 2007 (CDT)