ProPolice


Stackguard on steroids

gcc modification: machine-independent (well, kind of...)

Function prologue puts random canary on stack next to return address

Function epilogue checks random canary for modification

Rearranges stack to put buffers closer to return address
so flags and pointers are lower, harder to hit
so overflows are more likely to hit canary

If canary is modified, alert & kill process 

(Will not work on hppa yet)

Very low overhead.