The Cost of Preventing a Buffer Overflow

In the paper we have considered the main methods of buffer overflows, mitigation strategies, and their influence on the memory consumption. The analysis of various methods of stack protection has given us an estimate of the additional memory required for the implementation of specific techniques. The size of the additional memory depends on many factors including computer architecture, OS environment, programming languages used to create the program. For the protection methods considered in the paper, the cost may vary from the insignificant amount for prevention purposes, based on the careful analysis of input data in the program, to the use of Guard Pages when extra memory may include additional pages of the memory. In many cases developers have to use various mitigation strategies in order to make programs less vulnerable to buffer overflows. The main contribution of this paper is the analysis and evaluation of the additional memory required for the various methods of protection from buffer overflow. The current paper allows readers to understand the cost of these methods more clearly, which, in turn, will result in more efficient and secure programs. The results of this paper are useful for both software developers and the instructors who teach methods of secure programming.