Appendix C. Mitigation
This appendix contains information about mitigation techniques.
C.1 Exploit Mitigation Techniques
Various exploit mitigation techniques and mechanisms available today are designed to make exploiting memory corruption vulnerabilities as difficult as possible. The most prevalent ones are these:
Address Space Layout Randomization (ASLR)
Security Cookies (/GS), Stack-Smashing Protection (SSP), or Stack Canaries
Data Execution Prevention (DEP) or No eXecute (NX)
There are other mitigation techniques that are bound to an operating system platform, a special heap implementation, or a file format like SafeSEH, SEHOP, or RELRO (see Section C.2). There are also various heap mitigation techniques (heap cookies, randomization, safe unlinking, ...
Get A Bug Hunter's Diary now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
