the C++ Team Blog
: A lot of code written in C and C++ has vulnerabilities that leave their users open to buffer overrun attacks. There are two major reasons for this. One reason is that the languages provide unfettered access to the vulnerable memory;
the other reason is that developers make mistakes. The simple fact is that even following the best practices and performing quality checks, by the end of the day, no developers can get 100 percent of their code right all the time. Thus, additional built-in
layers of defense to help track down vulnerable areas of code are in order. The Visual C++ compiler’s GS switch, which is on by default, is one of the built-in defenses designed to mitigate the buffer overrun attacks.
With VC 10, the next iteration of VC that ships with Visual Studio 2010, Louis Lafreniere and team have delivered the next iteration of /GS, /GS++. /GS proved to be invaluable for C++ developers wanting compile time checking for buffer overrun vulnerabilities
in their code. specifically targetting string buffers. Well, turns out that certain structs proved to be a suitable exploit and /GS did not check data structures like structs. Louis et al, with /GS++, now check for certain typed of struct vulnerability (stack
Here, Principal Developer Louis Lafreniere takes us through the history and future of /GS, in a deep way, of course. Most of the time is spent at the whiteboard mapping out exactly how /GS works and what to expect from /GS++.