Protection against stack buffer overrun exploitation

Protection against stack buffer overrun exploitation

Stack buffer overrun situations may be handled by a computer program that checks the memory location from where a particular function is called. As long as the return address for the function call is from a memory location of a known library that is loaded in memory, normal operation continues. If t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: WINKLER PATRICK
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Stack buffer overrun situations may be handled by a computer program that checks the memory location from where a particular function is called. As long as the return address for the function call is from a memory location of a known library that is loaded in memory, normal operation continues. If the memory location is not from a known library, the function call is suspect and execution may be terminated, since such a location may cause malicious software to be executed or abnormal program execution to happen. The memory location may also be verified by additional means, including testing whether the memory page permissions permit execution. The computer program may be a plug-in to an existing application and may also have a user-editable component. The computer program can enable a quick deployment of a temporary fix to a malicious software problem before a more permanent solution may be deployed.