Buffer Overflow Defenses

High

()-level languages are not vulnerable to buffer overflow attacks because compiler enforces range checks and permissible operations on variables

libraries

high-level languages’ use of some () still allows them to still be somewhat vulnerable to buffer overflow attacks

there are still some () that provide extra securities against buffer overflows

stackguard

adds function entry and exit code to check stack for signs of corruption

address space randomization

the method of manipulating the stack, heap, global data etc. to avoid buffer overflow jumps or other injections from being submitted
the memory ,moving is done randomly

guard pages

a section of memory that is always kept empty

taint analysis

keeping track of the tags derived from user input

taint seed

specific input that is meant to be monitored as program runs

integer underflow

occurs at run-time when the result of an integer expression is smaller than its minimum value, thus “wrapping” to the maximum integer for the type

return to system call

a return call on the stack gets replaced with another systm call

Global Data Overflow

Same thing as stack or heap overflow but used in the global memory
you can defend against this by moving function pointers, adding guard pages, and having non-executable or random global data region

shellcode

a small piece of code used as the payload in the exploitation of a software vulnerability