
/GS Switch in Visual Studio

Chanda Dutta, Divya Makhija, Sugita Kumari & Upma Sharma. Tech Mahindra Ltd. 91-022-66882000. July 31st 2006.



Presentation Transcript


  1. /GS Switch in Visual Studio
     Chanda Dutta, Divya Makhija, Sugita Kumari & Upma Sharma
     Tech Mahindra Ltd. 91-022-66882000
     July 31st 2006

  2. What is the /GS Switch?
     • Buffer security check option.
     • Enabled by default.
     • Gives warnings when functions such as gets() and strcpy() are used.
     • The compiler recommends gets_s() and strcpy_s() instead.

  3. How does the /GS Switch work?
     • The compiler inserts a “canary” after a memory array (buffer) declared on the stack.
     • The canary consists of random bytes that can be verified by the compiler.
     • A buffer overflow usually involves overwriting the canary.
     • If the canary is modified, an error is generated.

  4. /GS Switch Limitations
     • Does not detect buffer overflows in either the heap or data segments.
     • The return address on the stack can still be overwritten.
     • It is possible to defeat the canary by detecting its value (brute-force).
     • It is also possible to return to a rogue address. /GS does not prevent this.
     • Code compiles without warning even if /GS is enabled.
     • Restricted to automatic variables.

  5. /GS Switch Summary
     • Be aware of /GS switch limitations.
     • /GS switch detects, does not prevent.

  6. Thank you!
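
The canary check from slide 3 and the "detects, does not prevent" point from slide 5, modelled in portable C as an added example (not part of the original presentation and not the code the compiler generates). The frame layout, `cookie_init`, `run_frame` and all constants are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define BUF_SIZE 16

/* Model of one stack frame, lowest address first: the local buffer, then the
   canary, then the saved return address (layout assumed for illustration). */
struct frame_model {
    unsigned char buf[BUF_SIZE];
    uint64_t canary;
    uint64_t saved_ret;
};

static uint64_t g_cookie = 0x2B992DDFA232ULL;   /* constructed default value */

/* Hypothetical helper: derive the per-process cookie from a seed.
   A real implementation takes it from system entropy at start-up. */
void cookie_init(uint64_t seed) {
    g_cookie = seed * 6364136223846793005ULL + 1442695040888963407ULL;
}

/* Copies len bytes into the modelled frame with no check against BUF_SIZE,
   as strcpy() would, then runs the epilogue check. Returns 1 if the canary
   was modified (overflow detected), 0 otherwise. *ret_intact reports
   whether the saved return address survived the copy. */
int run_frame(const unsigned char *src, size_t len, int *ret_intact) {
    struct frame_model f;
    const uint64_t ret = 0x401000;           /* constructed sample address */
    memset(f.buf, 0, sizeof f.buf);
    f.canary = g_cookie;                     /* prologue: place the canary */
    f.saved_ret = ret;
    if (len > sizeof f) len = sizeof f;      /* keep the model itself in bounds */
    memcpy(&f, src, len);                    /* the unchecked copy */
    if (ret_intact) *ret_intact = (f.saved_ret == ret);
    return f.canary != g_cookie;             /* epilogue: verify the canary */
}

int main(void) {
    unsigned char input[sizeof(struct frame_model)];
    int ret_ok;
    memset(input, 'A', sizeof input);        /* constructed oversized input */
    cookie_init((uint64_t)time(NULL));
    printf("16 bytes: detected=%d\n", run_frame(input, BUF_SIZE, &ret_ok));
    printf("32 bytes: detected=%d ", run_frame(input, sizeof input, &ret_ok));
    printf("return address intact=%d\n", ret_ok);
    return 0;
}
```

In the 32-byte case the saved return address has already been overwritten when the check fires: the canary reports the corruption at function exit, it does not stop the write.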
