Engineering Commons^™

Preventing Variadic Function Attacks Through Argument Width Counting, Brennan Ward

USF Tampa Graduate Theses and Dissertations

Format String attacks, first noted in June 2000 [1], are a type of attack in which anadversary has control of the string argument (the format string) passed to a string format function (such as printf). Such control allows the attacker to read and write arbitrary program memory. To prevent these attacks, various methodologies have been proposed, each with their own costs and benefits. I present a novel solution to this problem through argument width counting, ensuring that such format functions cannot access stack memory beyond the space where arguments were placed. Additionally, I show how this approach can be expanded …