This would intentionally be a finely tuned system, so any deviation (such as one introduced by a debugger or emulator) would cause a crash, making it an anti-debugging technique too. Anti-disassembly techniques are not just there to annoy human anti-virus researchers.

COMPUTER VIRUSES AND MALWARE, pp. 128-129 (Weaknesses Exploited)

[Figure: Format string attack in progress. Labels, from higher memory to lower memory: print_error's stack frame, buffer, pointer to format string, return address, saved frame pointer, printf's stack frame.]

Bug-free code is the best defense to technical vulnerabilities, but expecting this of all software is like asking Santa Claus for world peace - well intentioned, but unlikely to happen in the near future. In the meantime, two types of defenses can be considered: ones that are specific to a type of vulnerability, and ones that are more general.

Vulnerability-Specific Defenses

Defenses can be directed to guarding against certain types of vulnerability. For example:

Format string vulnerabilities

- Source code auditing is a particularly effective defense, because the number of format functions is relatively small, and it is easy to search source code for calls to format
- Remove support for %n in format functions, or only allow constant format strings that an attacker can't This defense would break existing code in addition to violating the C specification.
- If a format function knew how many arguments it had been called with, then it could avoid reading nonexistent arguments. Unfortunately, this information isn't available at run-time. A program's source code can be altered to supply this information. Calls to known format functions can be wrapped in macros that keep track of the number of arguments passed. Even this doesn't always work, because nonstandard format functions may be used, or standard format functions may be used in unusual ways. For example, the code may save a function pointer to printf and call it later, rather than calling printf directly.
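The macro-wrapping defense described above, sketched as an added example (not code from the book). SAFE_SNPRINTF, checked_snprintf, format_arg_count and demo_untrusted are hypothetical names; the parser is assumed to cover only standard C conversions and rejects %n and POSIX positional arguments.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Arguments a format string would consume; -1 if it contains %n or any
   conversion outside the allow-list (including a truncated one). */
int format_arg_count(const char *fmt) {
    int need = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        if (*++p == '%') continue;                  /* literal "%%" */
        while (*p && strchr("-+ #0", *p)) p++;      /* flags */
        if (*p == '*') { need++; p++; }             /* width read from an int argument */
        else while (*p >= '0' && *p <= '9') p++;
        if (*p == '.') {                            /* precision */
            if (*++p == '*') { need++; p++; }
            else while (*p >= '0' && *p <= '9') p++;
        }
        while (*p && strchr("hljztL", *p)) p++;     /* length modifiers */
        if (!*p || !strchr("diouxXeEfFgGaAcsp", *p)) return -1;
        need++;
    }
    return need;
}

/* Hypothetical wrapper: formats only when the caller supplied at least as
   many arguments as the format string asks for; returns -1 on refusal. */
int checked_snprintf(char *buf, size_t size, int supplied, const char *fmt, ...) {
    int need = format_arg_count(fmt);
    if (need < 0 || need > supplied) {
        if (size) buf[0] = '\0';
        return -1;
    }
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    return n;
}

/* Count macro arguments (1..9); the format string itself is the first one. */
#define NARGS_(_1,_2,_3,_4,_5,_6,_7,_8,_9,N,...) N
#define NARGS(...) NARGS_(__VA_ARGS__,9,8,7,6,5,4,3,2,1,0)
#define SAFE_SNPRINTF(buf, size, ...) \
    checked_snprintf(buf, size, NARGS(__VA_ARGS__) - 1, __VA_ARGS__)

/* Constructed case: a user-controlled string used as the format, 0 arguments. */
int demo_untrusted(char *out, size_t size, const char *user) {
    return SAFE_SNPRINTF(out, size, user);
}
```

As the text notes, this only protects calls routed through the macro: a saved function pointer to printf bypasses it. The check also counts arguments without verifying their types.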
Stack smashing

- As mentioned before, one defense against stack smashing is to mark the stack's memory as nonexecutable; the same idea can be extended to the data and heap segments. This is not a complete defense since a return-to-library .