Protezione da Buffer Overrun con Visual Studio 2010

Segnalo il nuovo posto del team di C++ sulla nuova versione di /gs, gs++ in Visual Studio 2010.

Dal post del team di C++ :

Evolution of GS

A lot of code written in C and C++ has vulnerabilities that leave their users open to buffer overrun attacks. There are two major reasons for this. One reason is that the languages provide unfettered access to the vulnerable memory; the other reason is that developers make mistakes. The simple fact is that even following the best practices and performing quality checks, by the end of the day, no developers can get 100 percent of their code right all the time. Thus, additional built-in layers of defense to help track down vulnerable areas of code are in order. The Visual C++ compiler’s GS switch, which is on by default, is one of the built-in defenses designed to mitigate the buffer overrun attacks. …continua alla fonte.

 

added : è online anche un video su Channel9 di Louis Lafreniere su Next Generation Buffer Overrun Protection with /GS++

 

--Mario

Comments

• Anonymous
  June 06, 2009
  PingBack from http://valleygirls.blog-giant.com/2009/05/25/graft-architects/

• Anonymous
  June 15, 2009
  BOR BOR BOR!!!!!! "Memento! Controlla sempre i valori di ritorno e verifica le dimensioni", tu mi dissi!!! Però come per Start Trek siamo a NG!!!!