What is stack smashing?
Stack smashing is a form of vulnerability in which the stack of a computer application or operating system is made to overflow. This can corrupt the program or system and cause it to crash.
A stack, a first-in, last-out structure, is a form of buffer that holds the intermediate results of operations. Put simply, stack smashing means putting more data into a stack than it can hold. Skilled hackers can intentionally inject excessive data into the stack.
The excess data can spill into other stack variables, including the function's return address. When the function returns, it jumps to the malicious code on the stack, which could harm the entire system. The adjacent data on the stack is affected, forcing the program to crash.
If the program affected by stack smashing accepts data from untrusted networks and runs with special permissions, a security vulnerability is present. If the buffer contains data provided by an untrusted user, that user can corrupt the stack by injecting executable code into the program, thereby gaining unauthorized access to a computer. An attacker could also overwrite control flow information that is stored on the stack.
As stack smashing has become a very serious security vulnerability, certain technologies are being implemented to counter it. Stack buffer overflow protection changes the organization of data in the stack frame of a function call to accommodate canary values. When destroyed, these values indicate that a buffer preceding them in memory has overflowed.
Canary values monitor buffer overflows and are placed on the stack between the control data and the buffer. This ensures that a buffer overflow will corrupt the canary first. A failed verification of the canary data means an overflow in the stack. The three canary types are "Random", "Terminator" and "Random XOR".
The terminator canary is based on the fact that stack buffer overflow attacks depend on string operations that end at terminators. Random canaries are generated randomly from an entropy-gathering daemon, which prevents attackers from knowing their values. Random canaries are generated when the program is initialized and saved in global variables. Random XOR canaries are random canaries that are XOR-scrambled using control data.
Random XOR canaries are similar to random canaries except that the "read from stack" method of getting the canary is more complex. The hacker needs the canary, the algorithm and the control data to produce the original canary. They protect against attacks in which a buffer in a structure overflows into a pointer, changing the pointer to point at a piece of control data.
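The difference between random and random XOR canaries described above, as an added example that is not part of the original article: a simulated stack frame in C that is checked after a linear overflow and after a direct write to the control data. The struct layout, `SECRET`, `RET` and all function names are assumptions constructed for illustration, and terminator canaries are left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated frame (constructed layout): buffer, then canary, then control data;
   ret stands in for the saved return address. */
struct frame { char buf[16]; uintptr_t canary; uintptr_t ret; };
enum kind { RANDOM, RANDOM_XOR };
#define SECRET ((uintptr_t)0x5ca1ab1eUL) /* constructed; random per run in practice */
#define RET    ((uintptr_t)0x00401136UL) /* constructed return address */

/* Value kept on the stack: the secret itself, or the secret XORed with control data. */
static uintptr_t stored(enum kind k, uintptr_t ret) {
    return k == RANDOM_XOR ? (SECRET ^ ret) : SECRET;
}

/* Function prologue: save the control data and place the canary. */
void frame_enter(struct frame *f, enum kind k) {
    f->ret = RET;
    f->canary = stored(k, f->ret);
}

/* Function epilogue: 1 if the canary still verifies, 0 if smashing is detected. */
int frame_check(const struct frame *f, enum kind k) {
    return f->canary == stored(k, f->ret);
}

/* Case 1: an unchecked copy runs past buf, through the canary, into ret. */
int detects_linear_overflow(enum kind k) {
    struct frame f;
    unsigned char input[sizeof f];   /* constructed oversized input */
    memset(input, 'A', sizeof input);
    frame_enter(&f, k);
    memcpy(&f, input, sizeof input); /* stays inside f, so the demo itself is safe */
    return !frame_check(&f, k);
}

/* Case 2: a corrupted pointer rewrites ret directly and never touches the canary. */
int detects_pointer_write(enum kind k) {
    struct frame f;
    frame_enter(&f, k);
    f.ret = (uintptr_t)0x41414141UL;
    return !frame_check(&f, k);
}

int main(void) {
    printf("linear overflow: random=%d xor=%d\n", detects_linear_overflow(RANDOM), detects_linear_overflow(RANDOM_XOR));
    printf("pointer write:   random=%d xor=%d\n", detects_pointer_write(RANDOM), detects_pointer_write(RANDOM_XOR));
    return 0;
}
```

Both canary types catch the linear overflow, but only the XOR variant fails verification when `ret` is changed without touching the canary, because its stored value is bound to the control data.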