diff options
author | Nick Kralevich <nnk@google.com> | 2012-06-07 15:07:51 -0700 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2012-06-07 15:24:42 -0700 |
commit | a627d7ca1ab19345b1c02c8193880c789157802e (patch) | |
tree | 60b41226c44676c0caf100f03f67fdca5b933e3e | |
parent | c4f306e38ce408e10cd9af7023b16da0499239cd (diff) | |
download | source.android.com-a627d7ca1ab19345b1c02c8193880c789157802e.tar.gz |
security: update docs
Add/update information about format string vulnerability
protections and stack protections.
Change-Id: I3b1f37253469dfb0f57303cf1831aeb771fc673e
-rw-r--r-- | src/tech/security/index.md | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/tech/security/index.md b/src/tech/security/index.md index 4c598a9d..2b552062 100644 --- a/src/tech/security/index.md +++ b/src/tech/security/index.md @@ -321,7 +321,7 @@ corruption issues significantly harder to exploit, including: + Address Space Layout Randomization (ASLR) to randomize key locations in memory + Hardware-based No eXecute (NX) to prevent code execution on the stack and heap -+ ProPolice to prevent stack buffer overruns ++ ProPolice to prevent stack buffer overruns (-fstack-protector) + safe_iop to reduce integer overflows + Extensions to OpenBSD dlmalloc to prevent double free() vulnerabilities and to prevent chunk consolidation attacks. Chunk consolidation attacks are a @@ -329,6 +329,7 @@ common way to exploit heap corruption. + OpenBSD calloc to prevent integer overflows during memory allocation + Linux mmap_min_addr() to mitigate null pointer dereference privilege escalation ++ Format string vulnerability protections (-Wformat-security -Werror=format-security) ##Rooting of Devices |