The buffer overflow problem we observed in attackme.cc
involved a
stack buffer. Which of these potential fixes for stack buffer
overflows are most attractive to you? Rank them according to whatever
criteria you decide.
Using a memory-safe language, such as Rust, where buffer overflows can never occur. Disadvantage: These languages can be slightly slower.
Adapting hardware protection mechanisms to catch these kinds of issues. For instance, stack buffers could be located in separate memory where overflows immediately crashed the program (at a hardware level).
Running with sanitization: adapt the compiler to verify buffer writes are within bounds; if the compiler observes an out-of-bounds write, it should ignore it or cause the program to exit.
Adapting sanitization-like approaches to catch buffer overflows using lighter-weight techniques. For instance, the compiler could sanitize accesses to the most dangerous-looking buffers, or it could catch errors not immediately when they occur, but shortly afterwards (e.g. when another function is called).