Progress on Bounds Checking in C and the Linux Kernel
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the advancements in bounds checking for C and the Linux kernel in this 46-minute conference talk. Delve into the challenges of heap buffer overflow flaws in C code and the compiler's limitations in preventing them. Learn about the history of the "flex array member" (FAM) in C language specifications and the introduction of -fstrict-flex-arrays for unambiguous array size declarations. Discover how the Linux kernel builds upon these improvements by transforming arrays, implementing __builtin_dynamic_object_size(), enhancing defenses like FORTIFY_SOURCE, and expanding compiler knowledge for improved sanitizers. Explore the potential of a new struct member attribute to extend object size tracking to all array types, aiming to eliminate persistent buffer overflow vulnerabilities in Linux.
Syllabus
Progress On Bounds Checking in C and the Linux Kernel - Kees Cook, Google & Gustavo A.R. Silva
Taught by
Linux Foundation
Tags
Related Courses
Software Design Threats and MitigationsUniversity of Colorado System via Coursera Information Security - 5 - Secure Systems Engineering
Indian Institute of Technology Madras via Swayam Unlocking Information Security I: From Cryptography to Buffer Overflows
Tel Aviv University via edX Unlocking Information Security
Tel Aviv University via edX Buffer Overflow Exploits (Arabic) | OSCP Preparation
Udemy