pl
en
Buffer / heap overflow system protections in system functions responsible for memory management are constantly evolving. One of such examples is a recent change is S flag addition to malloc() function in OpenBSD 4.7 version. This functions has been modified few times before including intrudction of page address randomization.
Evolution of such safeguards is a very positive trend because vulnerabilities in operating system tend to be critical. Introducing new, more advanced protection mechanisms exploitation of such bugs becomes harder. On the other hand – as VDM vulnerability has shown – system architects have still long road ahead of them.