I'd just like to announce that we have a heap protection system for glibc available for download. The system detects and prevents all heap overflow exploits that modify inline control information from succeeding against a protected application, can be installed system-wide or on a per-process basis using LD_PRELOAD, and is transparent to existing applications.
We would definitely appreciate any feedback and bug reports on the code. The patch and some additional information is available at:
http://www.cs.ucsb.edu/~wkr/projects/heap_protection/
Enjoy!
-- William Robertson Reliable Software Group, UC Santa Barbara http://www.cs.ucsb.edu/~wkr/
