Libsafe - Detection of Format String Vulnerability Exploits

Buffer overflow exploits constitute perhaps the most common form of computer security attack. Such exploits take advantage of programming errors to overflow buffers, thus writing unintended data to the part of memory that immediately follows the targeted buffers. If the targeted buffer exists on the process stack, then the exploit often attempts to overwrite a return address on the stack, which often results in obtaining root access to that machine.

The original version of libsafe, version 1.3, presented a significant advance in the detection and handling of buffer overflow attacks by offering a solution that detects a large number of exploits with low overhead and tremendous ease of use.

Recently, another widespread vulnerability has received a great deal of attention: the format string vulnerability. The latest version of libsafe, version 2.0, implements a solution for detecting and handling the most dangerous format string vulnerability exploits, while preserving the low overhead and ease of use of the original libsafe.