我正在阅读Code Complete 2并且我在错误处理中遇到了这个语句:
Call an error-processing routine/object. Another approach is to centralize error handling in a global error-handling routine or error-handling object. The advantage of this approach is that error-processing responsibility can be centralized, which can make debugging easier. The tradeoff is that the whole program will know about this central capability and will be coupled to it. If you ever want to reuse any of the code from the system in another system, you'll have to drag the error-handling machinery along with the code you reuse.
后来它说:
This approach has an important security implication. If your code has encountered a buffer overrun, it's possible that an attacker has compromised the address of the handler routine or object. Thus, once a buffer overrun has occurred while an application is running, it is no longer safe to use this approach.
但我实在无法理解上面的说法。缓冲区溢出如何导致地址泄露?
最佳答案
这是因为错误处理函数的地址存储在应用程序可以访问的内存区域中,就像 32 或 64 位整数一样,具体取决于您的平台。这通常位于堆栈底部的某个位置,但在全局错误处理程序的情况下,它可以位于不同的位置,只要线程知道如何到达那里。
在缓冲区溢出的情况下,如果该内存被不同函数的地址覆盖,则当应用程序发生错误时,将调用新函数而不是预期的错误处理函数。
请注意,详细信息完全取决于您的程序使用的框架或操作系统。本教程有一个适用于 Windows 的很好的示例:
http://www.primalsecurity.net/0x3-exploit-tutorial-buffer-overflow-seh-bypass/
也就是说,缓冲区溢出可能会导致错误处理程序在不替换其地址的情况下变得不安全。典型的例子是文本编辑器,在内部错误迫使进程崩溃之前,使用全局错误处理程序将文档保存到文件中。了解程序的攻击者可能会使用缓冲区溢出将文件流句柄替换为他们控制的不同资源(例如网络套接字)并拦截输出。
关于c - 缓冲区溢出和集中错误处理,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25355801/