From the C++ Team Blog: A lot of code written in C and C++ has vulnerabilities that leave their users open to buffer overrun attacks. There are two major reasons for this. One reason is that the languages provide unfettered access to the vulnerable memory; the other reason is that developers make mistakes. The simple fact is that even following the best practices and performing quality checks, by the end of the day, no developers can get 100 percent of their code right all the time. Thus, additional built-in layers of defense to help track down vulnerable areas of code are in order. The Visual C++ compiler’s GS switch, which is on by default, is one of the built-in defenses designed to mitigate the buffer overrun attacks.
With VC 10, the next iteration of VC that ships with Visual Studio 2010, Louis Lafreniere and team have delivered the next iteration of /gs, gs++. /gs proved to be invaluable for C++ developers wanting compile-time checking for buffer overrun vulnerabilities in their code, specifically targeting string buffers. Well, it turns out that certain structs proved to be exploitable, and /gs did not check data structures like structs. Louis et al., with gs++, now check for struct vulnerabilities. Very cool. Thanks guys!
Here, Principal Developer Louis Lafreniere takes us through the history and future of /gs, in a deep way, of course. Most of the time is spent at the whiteboard mapping out exactly how /gs works and what to expect from gs++.
Enjoy!
GoingDeep: Louis Lafreniere: Next Generation Buffer Overrun Protection - gs++
- Running time: 0h31m
- File size: 14.00MB