Stack-Smashing Protector

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 198.175.14.5 (talk) at 22:15, 15 August 2005 (See also). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Stack-Smashing Protector (sometimes called SSP, formerly known as ProPolice) is an extension to the GNU Compiler Collection that helps mitigate the damage that can be done by buffer overflow-based attacks. In particular, it provides stack-smashing protection.

The Stack-Smashing Protector was originally written, and is still maintained, by Hiroaki Etoh of IBM.

So far it remains a patch external to GCC, and must be added to GCC by developers wishing to employ stack-smashing protection in their programs; however, the current development version, which is to become GCC 4.1, contains a reimplementation of this patch. At this time, only a small number of operating system projects use the Stack-Smashing Protector by default: OpenBSD and DragonFly BSD. Gentoo Linux also has a version of its software distribution (Hardened Gentoo) that contains the Stack-Smashing Protector patch, but as Gentoo is primarily a source-based meta-distribution, this cannot be considered "out of the box" support. IPCop 1.4.0+ also includes SSP and libsafe as hardening measures.

See also