Vulnerabilities that exist in many software systems can be exploited by attackers to cause serious damages to the users. One of such attacks that have become widely spread in the last decade is the buffer overflow attack. The attacker can, if successful, execute an arbitrary code with the same access privileges as the attacked process. Thus, if the attacked process is a root process, the attackers can execute any kind of code they want and therefore causing a security breach in the system. In this paper, we propose a new solution to the buffer overflow attacks that can protect return addresses from being overwritten. Our solution works with string library functions, such as
() by preventing access to memory locations beyond the frame pointer of a function, and thus preventing overwriting the return address. Unlike other approaches that have been used to solve the buffer overflow attack, our solution can detect and fix buffer overflow vulnerabilities in executable (i.e.,the
or binary files). In other words, our solution does not require the availability of the program source code, which may not be available for many applications, and does not require any hardware modifications, which can be expensive. Therefore, we developed a tool that can be used to convert a vulnerable program to a safe version that is protected against buffer overflow attacks.