|
From: Steve G <lin...@ya...> - 2003-08-29 19:51:29
|
>The motivating example here is a fairly ambitious >project to automatically patch certain known classes >of software vulnerabilities like stack or heap-based >overflows. Have you looked at libsafe? It might be an easier approach to do this kind of thing. As a matter of fact, I have hacked it to add instrumentation for several more overflows than the authors did. You can get my imprroved version here: www.web-insights.net/libsafe. You can diff it against the official version to see how easy it is to add instrumentation. As for doing a transaction based system, it sounds like you are going to be doing a setjmp & longjmp when it doesn't work out. This is similar in concept to libchkpt which is a check pointing library. The only difference is that rather than moving the process to another machine, you will want to do something else. You may be able to adapt libsafe+libchkpt to achieve a transaction based system. Sounds interesting. -Steve Grubb __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com |