NIAP: View Technical Decision Details
TD0815:  Addition of Conditional TSS Activity for FPT_AEX_EXT.1.5

Publication Date
2024.02.13

Protection Profiles
PP_APP_v1.4

Other References
FPT_AEX_EXT.1.5

Issue Description

Under certain circumstances, the automated tests in FPT_AEX_EXT.1.5 may produce false negatives or otherwise be unusable.

Resolution

The Evaluation Activities for FPT_AEX_EXT.1.5 in PP_APP_V1.4 are modified as follows, with green-highlighted underlines indicating additions and red-highlighted strikethroughs indicating deletions:

 

TSS

None. (Conditional: The PE or ELF automated tests fail) The evaluator shall ensure that the TSS describes the stack-based buffer overflow compiler flags.

Guidance

None.

Tests

The evaluator will inspect every native executable included in the TOE to ensure that stack-based buffer overflow protection is present.

Platforms: Microsoft Windows...

Applications that run as Managed Code in the .NET Framework do not require these stack protections. Applications developed in Object Pascal using the Delphi IDE compiled with RangeChecking enabled comply with this element. For other code, the evaluator shall review the TSS and verify that the /GS flag was used during compilation. The evaluator shall run a tool like, BinSkimcope, that can verify the correct usage of /GS.

For PE, the evaluator will disassemble each and ensure the following sequence appears:

    mov rcx, QWORD PTR [rsp+(...)]
    xor rcx, (...)
    call (...)

For ELF executables, the evaluator will ensure that each contains references to the symbol __stack_chk_fail.



Tools such as Canary Detector may help automate these activities.

If these automated tests fail, the evaluator shall perform the above, conditional TSS activity.
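
The ELF check above, sketched as an added example (not NIAP's code and not the Canary Detector tool): it reads the symbol tables directly and maps a miss to the conditional TSS activity. The function names, the verdict strings and the `build_sample_elf` helper are hypothetical, and the sample image is constructed.

```python
import struct
import sys
SHT_SYMTAB, SHT_STRTAB, SHT_DYNSYM = 2, 3, 11
CANARY = b"__stack_chk_fail"  # the symbol the ELF test looks for

def elf_symbol_names(data):
    """Return every name in the .symtab/.dynsym sections of an ELF image."""
    if data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("not an ELF image")
    end = "<" if data[5] == 1 else ">"            # EI_DATA: byte order
    if data[4] == 2:                              # EI_CLASS: ELF64
        off_at, ent_at, off_fmt, shdr_fmt, sym_size = 0x28, 0x3A, "Q", "IIQQQQIIQQ", 24
    else:                                         # ELF32
        off_at, ent_at, off_fmt, shdr_fmt, sym_size = 0x20, 0x2E, "I", "IIIIIIIIII", 16
    shoff, = struct.unpack_from(end + off_fmt, data, off_at)
    shentsize, shnum = struct.unpack_from(end + "HH", data, ent_at)
    secs = [struct.unpack_from(end + shdr_fmt, data, shoff + i * shentsize) for i in range(shnum)]
    names = set()
    for _, sh_type, _, _, off, size, link, *_ in secs:
        if sh_type not in (SHT_SYMTAB, SHT_DYNSYM) or link >= len(secs):
            continue
        strtab = data[secs[link][4]:secs[link][4] + secs[link][5]]  # linked string table
        for pos in range(off, off + size - sym_size + 1, sym_size):
            st_name, = struct.unpack_from(end + "I", data, pos)   # st_name is always first
            names.add(strtab[st_name:].split(b"\0", 1)[0])
    return names

def check_stack_protector(data):
    """'pass' if the canary symbol is referenced, else 'tss-review' (conditional TSS activity)."""
    return "pass" if CANARY in elf_symbol_names(data) else "tss-review"

def build_sample_elf(names):
    """Constructed sample input: a minimal ELF64-LE image whose .dynsym lists `names`."""
    strtab = b"\0" + b"".join(n + b"\0" for n in names)
    syms, pos = bytes(24), 1                      # entry 0 is the mandatory null symbol
    for n in names:
        syms += struct.pack("<IBBHQQ", pos, 0x12, 0, 0, 0, 0)     # global function, undefined
        pos += len(n) + 1
    str_off = 64 + len(syms)
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 3, 62, 1, 0, 0, str_off + len(strtab), 0, 64, 0, 0, 64, 3, 0)
    shdrs = bytes(64) + struct.pack("<IIQQQQIIQQ", 0, SHT_DYNSYM, 0, 0, 64, len(syms), 2, 1, 8, 24)
    shdrs += struct.pack("<IIQQQQIIQQ", 0, SHT_STRTAB, 0, 0, str_off, len(strtab), 0, 0, 1, 0)
    return ehdr + syms + strtab + shdrs

if __name__ == "__main__":                        # usage: python3 check.py file ...
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, check_stack_protector(fh.read()))
```

A statically linked, stripped binary carries no symbol tables, so it yields `tss-review` even when it was built with stack protection; that is one way the automated check can miss a protected executable. A `pass` shows only that a reference exists, not that every function is instrumented.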

Justification

See Issue Description.

 
 