NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0815:  Addition of Conditional TSS Activity for FPT_AEX_EXT.1.5

Publication Date

Protection Profiles

Other References

Issue Description

Under certain circumstances, the automated tests in FPT_AEX_EXT.1.5 may produce false negatives or otherwise be unusable.


The Evaluation Activities for FPT_AEX_EXT.1.5 in PP_APP_V1.4 are modified as follows, with green-highlighted underlines indicating additions and red-highlighted strikethroughs indicating deletions:



None.(Conditional: The PE or ELF automated tests fail) The evaluator shall ensure that the TSS describes the stack-based buffer overflow compiler flags.




The evaluator will inspect every native executable included in the TOE to ensure that stack-based buffer overflow protection is present.

Platforms:Microsoft Windows...

Applications that run as Managed Code in the .NET Framework do not require these stack protections. Applications developed in Object Pascal using the Delphi IDE compiled with RangeChecking enabled comply with this element. For other code, the evaluator shall review the TSS and verify that the /GS flag was used during compilation. The evaluator shall run a tool like, BinSkimcope, that can verify the correct usage of /GS.

For PE , the evaluator will disassemble each and ensure the following sequence appears:

mov rcx, QWORD PTR [rsp+(...)]

xor rcx, (...)

call (...)


For ELF executables, the evaluator will ensure that each contains references to the symbol __stack_chk_fail.

Tools such as Canary Detector may help automate these activities.

If these automated tests fail, the evaluator shall perform the above, conditional TSS activity.


See Issue Description.

Site Map              Contact Us              Home