-
公开(公告)号:US20140283088A1
公开(公告)日:2014-09-18
申请号:US13804056
申请日:2013-03-14
发明人: Khalid Nawaf AlHarbi , Xiaodong Lin
IPC分类号: G06F21/64
CPC分类号: G06F21/52 , G06F21/64 , G06F2221/033
摘要: Improved buffer overflow protection for a computer function call stack is provided by placing a predetermined ShadowKEY value on a function's call stack frame and copying the ShadowKEY, a caller EBP, and a return pointer are pushed onto a duplicate stack. The prologue of the function may be modified for this purpose. The function epilogue is modified to compare the current values of the ShadowKEY, caller EBP, and the return pointer on the function stack to the copies stored on the duplicate stack. If they are not identical, an overflow is detected. The preserved copies of these values may be copied back to the function stack frame thereby enabling execution of the process to continue. A function prologue and epilogue may be modified during compilation of the program.
摘要翻译: 通过在函数的调用堆栈框架上放置一个预定的ShadowKEY值并复制ShadowKEY,一个调用者EBP和一个返回指针来提供对计算机函数调用堆栈的改进的缓冲区溢出保护。 为此,可以修改该功能的序言。 修改函数结尾,将ShadowKEY,调用者EBP和函数堆栈上的返回指针的当前值与存储在重复堆栈上的副本进行比较。 如果它们不相同,则检测到溢出。 这些值的保留副本可以被复制回到功能堆栈帧,从而使得该进程的执行继续。 在程序编译期间可能会修改函数序言和结尾语。
-
公开(公告)号:US09251373B2
公开(公告)日:2016-02-02
申请号:US13804056
申请日:2013-03-14
发明人: Khalid Nawaf AlHarbi , Xiaodong Lin
CPC分类号: G06F21/52 , G06F21/64 , G06F2221/033
摘要: Improved buffer overflow protection for a computer function call stack is provided by placing a predetermined ShadowKEY value on a function's call stack frame and copying the ShadowKEY, a caller EBP, and a return pointer are pushed onto a duplicate stack. The prologue of the function may be modified for this purpose. The function epilogue is modified to compare the current values of the ShadowKEY, caller EBP, and the return pointer on the function stack to the copies stored on the duplicate stack. If they are not identical, an overflow is detected. The preserved copies of these values may be copied back to the function stack frame thereby enabling execution of the process to continue. A function prologue and epilogue may be modified during compilation of the program.
-