Quiz Entry - updated: 2026.07.14
What protections exist against buffer overflow exploits and how does each work?
Four layers: stack canaries, ASLR, DEP/NX, and safe coding — each individually bypassable, but together extremely effective.
* Layered defenses — stack canaries, ASLR, DEP/NX and safe coding each block a different stage of the exploit. *
| Protection | How it works | Bypass technique |
|---|---|---|
| Stack Canaries | Random value between buffer and return address; checked before ret |
Leak canary via format string or info disclosure |
| ASLR (Address Space Layout Randomization) | Randomizes memory layout each execution | Information leaks reveal base addresses |
| DEP/NX (Data Execution Prevention / No-eXecute) | Stack/heap marked non-executable | ROP uses existing executable code (no injection needed) |
| Safe functions | Bounded copies (fgets, strncpy) |
N/A — eliminates the bug class |
Defense-in-depth example:
- Stack canary detects the overflow → program aborts before
ret - Even if canary is bypassed, ASLR means attacker doesn't know where to jump
- Even if addresses leak, DEP prevents executing injected shellcode
- Even if attacker uses ROP, ASLR randomizes gadget locations
Best defense: Layer all protections AND use memory-safe languages where possible.
Go deeper:
Buffer overflow protection (Wikipedia) — stack canaries (terminator/random/XOR) and how each mitigation raises the bar.