...
mitigation [Seacord 2005a]
Methods, techniques, processes, tools, or runtime libraries that can prevent or limit exploits against vulnerabilities.
mutilated value
Result of an operation performed on an untainted value that yields either an undefined result (such as the result of signed integer overflow), the result of right-shifting a negative number, implicit conversion to an integral type where the value cannot be represented in the destination type, or unsigned integer wrapping.
EXAMPLE
int j = INT_MAX + 1; // j is mutilated
char c = 1234; // c is mutilated if char is eight bits
unsigned int u = 0U - 1; // u is mutilated
NOTE
A mutilated value can be just as dangerous as a tainted value because it can differ either in sign or magnitude from what the programmer expects.
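The operations named in the definition of mutilated value, written as precondition checks that refuse to produce one. This is an added example, not text from the glossary; the helper names (`add_int_checked`, `int_to_char_checked`, `sub_uint_checked`, `shr_int_checked`) are hypothetical, and `int` is assumed to have no padding bits.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Added example: each helper reports whether the operation can be done
 * without producing a mutilated value, and stores the result only then. */

/* Signed addition: overflow is undefined behavior, so test before adding. */
bool add_int_checked(int a, int b, int *out) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}

/* Conversion to a narrower integer type: the value must be representable. */
bool int_to_char_checked(int v, char *out) {
    if (v < CHAR_MIN || v > CHAR_MAX)
        return false;
    *out = (char)v;
    return true;
}

/* Unsigned subtraction: the result wraps modulo UINT_MAX + 1 when b > a. */
bool sub_uint_checked(unsigned int a, unsigned int b, unsigned int *out) {
    if (b > a)
        return false;
    *out = a - b;
    return true;
}

/* Right shift: a negative left operand or an out-of-range count is rejected. */
bool shr_int_checked(int v, unsigned int n, int *out) {
    if (v < 0 || n >= sizeof(int) * CHAR_BIT)
        return false;
    *out = v >> n;
    return true;
}

int main(void) {
    int j; char c; unsigned int u;
    /* The three glossary cases, each rejected before the value is produced. */
    printf("INT_MAX + 1:   %s\n", add_int_checked(INT_MAX, 1, &j) ? "ok" : "rejected");
    printf("char c = 1234: %s\n", int_to_char_checked(1234, &c) ? "ok" : "rejected");
    printf("0U - 1:        %s\n", sub_uint_checked(0U, 1U, &u) ? "ok" : "rejected");
    return 0;
}
```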
nonpersistent signal handler
Signal handler running on an implementation that requires the program to again register the signal handler after occurrences of the signal to catch subsequent occurrences of that signal.
...