// Copyright (C) 1999 Bell Labs, Lucent Technologies.
// Copyright (C) Arash Baratloo, Timothy Tsai, and Navjot Singh.
//
// This file is part of the Libsafe library.
// Libsafe version 1.0: protecting against stack smashing attacks.
//
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Library General Public
// License as published by the Free Software Foundation; either
// version 2 of the License, or (at your option) any later version.
//
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
// Library General Public License for more details.
//
// You should have received a copy of the GNU Library General Public
// License along with this library; if not, write to the
// Free Software Foundation, Inc., 59 Temple Place - Suite 330,
// Boston, MA  02111-1307, USA.
//
// For more information, 
//   visit http://www.bell-labs.com/org/11356/libsafe.html
//   or email libsafe@research.bell-labs.com

The libsafe library protects a process against the exploitation of
buffer overflow vulnerabilities in process stacks.  Libsafe works with
any existing pre-compiled executable and can be used transparently,
even on a system-wide basis.  The method intercepts all calls to
library functions that are known to be vulnerable.  A substitute
version of the corresponding function implements the original
functionality, but in a manner that ensures that any buffer overflows
are contained within the current stack frame.  Libsafe has been shown
to detect several known attacks and can potentially prevent yet
unknown attacks.  Experiments indicate that the performance overhead
of libsafe is negligible.

The following unsafe functions are currently monitored by libsafe:

              strcpy(char *dest, const char *src)
                     May overflow the dest buffer.

              strcat(char *dest, const char *src)
                     May overflow the dest buffer.

              getwd(char *buf)
                     May overflow the buf buffer.

              gets(char *s)
                     May overflow the s buffer.

              [vf]scanf(const char *format, ...)
                     May overflow its arguments.

              realpath(char *path, char resolved_path[])
                     May overflow the path buffer.

              [v]sprintf(char *str, const char *format, ...)
                     May overflow the str buffer.



For more information see libsafe/doc/libsafe.8.html.
