NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0359:  Buffer Protection

Publication Date
2018.09.21

Protection Profiles
PP_APP_v1.2

Other References
FPT_AEX_EXT.1.5

Issue Description

Not all compilers have the /GS compiler option and not all applications are required to be compiled with stack-based buffer overflow protection enabled.

Resolution

The AA for Windows in FPT_AEX_EXT.1.5 is replaced as follows:

For Windows:  Applications that run as Managed Code in the .NET Framework do not require these stack protections. Applications developed in Object Pascal using the Delphi IDE compiled with RangeChecking enabled comply with this element. For other code, the evaluator shall review the TSS and verify that the /GS flag was used during compilation. The evaluator shall run a tool, like BinScope, that can verify the correct usage of /GS.

Justification

See issue description.

 
 
Site Map              Contact Us              Home