SQ14116
Detected Windows executable files that might ineffectively generate the security cookie value.
| priority | CI/CD status | severity | effort | RL level | RL assessment |
|---|---|---|---|---|---|
| | pass | low | high | None | hardening: warning. Reason: mitigation effectiveness issues |
About the issue
Buffer overrun protection (Stack Guard) is a vulnerability mitigation option that protects against stack-based memory corruption. Special values, called stack cookies, are inserted in the stack immediately before the return address value. Code flow protection is achieved by monitoring for unexpected stack cookie value changes. In the detected files, the stack cookie value initialization is delegated to an application-defined function. That is not a recommended practice, as the protection effectiveness depends on the random number generator strength.
How to resolve the issue
- Revert the stack cookie value initialization back to the operating system-defined implementation. This will reduce the chance that a predictable stack cookie value could be used during an application run.
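Why the strength of the cookie source matters, as an added example that is not ReversingLabs or vendor code: it counts how many different cookie values 1000 simulated process starts produce under each kind of initializer. The function names, the time-derived initializer and the use of `/dev/urandom` as a stand-in for the operating system-defined implementation are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

typedef uint64_t (*cookie_init_fn)(uint64_t start_second);

/* Hypothetical application-defined initializer: the cookie is a fixed
   function of the process start time and nothing else. */
static uint64_t app_cookie_init(uint64_t start_second) {
    uint64_t x = start_second * 6364136223846793005ULL + 1442695040888963407ULL;
    return x ^ (x >> 29);
}

/* Stand-in for the OS-defined path: 8 bytes from the kernel CSPRNG.
   /dev/urandom is an assumption so the sample runs on POSIX systems. */
static uint64_t os_cookie_init(uint64_t start_second) {
    uint64_t v = 0;
    FILE *f = fopen("/dev/urandom", "rb");
    (void)start_second;
    if (f == NULL || fread(&v, sizeof v, 1, f) != 1) abort();
    fclose(f);
    return v;
}

static int cmp_u64(const void *a, const void *b) {
    uint64_t x = *(const uint64_t *)a, y = *(const uint64_t *)b;
    return (x > y) - (x < y);
}

/* Simulate `runs` process starts spread over `window` seconds (constructed
   workload) and return how many different cookie values were produced. */
static size_t distinct_cookies(cookie_init_fn init, uint64_t t0,
                               uint64_t window, size_t runs) {
    uint64_t *seen = malloc(runs * sizeof *seen);
    size_t i, distinct = 0;
    if (seen == NULL || runs == 0 || window == 0) { free(seen); return 0; }
    for (i = 0; i < runs; i++) seen[i] = init(t0 + i % window);
    qsort(seen, runs, sizeof *seen, cmp_u64);
    for (i = 0; i < runs; i++)
        if (i == 0 || seen[i] != seen[i - 1]) distinct++;
    free(seen);
    return distinct;
}

int main(void) {
    printf("app-defined: %zu distinct cookies in 1000 starts\n",
           distinct_cookies(app_cookie_init, 1700000000ULL, 10, 1000));
    printf("OS CSPRNG:   %zu distinct cookies in 1000 starts\n",
           distinct_cookies(os_cookie_init, 1700000000ULL, 10, 1000));
    return 0;
}
```

The time-derived initializer repeats the same handful of values across starts, while the CSPRNG-backed one yields a fresh value every time.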
Incidence statistics
ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes.
For every repository, the chart shows the percentage of projects that triggered the software assurance policy. In other words, it shows how many projects were found to have the specific issue described on this page.
The percentages are calculated from the total number of packages analyzed:
- RubyGems: 174K
- NuGet: 189K
- PyPI: 403K
- npm: 2.1M
Recommended reading
- Security Technologies: Stack Smashing Protection (StackGuard) (External resource - Red Hat)
- Stack Canaries – Gingerly Sidestepping the Cage (External resource - SANS)
- Random Number Generator (External resource - HYPR)