Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SIGSOFT
2003
ACM
2003
ACM
Protecting C programs from attacks via invalid pointer dereferences
Writes via unchecked pointer dereferences rank high among vulnerabilities most often exploited by malicious code. The most common attacks use an unchecked string copy to cause a buffer overrun, thereby overwriting the return address in the function's activation record. Then, when the function "returns", control is actually transferred to the attacker's code. Other attacks may overwrite function pointers, setjmp buffers, system-call arguments, or simply corrupt data to cause a denial of service. A number of techniques have been proposed to address such attacks. Some are limited to protecting the return address only; others are more general, but have undesirable properties such as having a high runtime overhead, requiring manual changes to the source code, or forcing programmers to give up control of data representations and memory management. This paper describes the design and implementation of a security tool for C programs that addresses all these issues: it has ...
Real-time TrafficLow Runtime Overhead | SIGSOFT 2003 | Software Engineering | Unchecked Pointer Dereferences | Unchecked String Copy |
Related Content
| Added | 20 Nov 2009 |
| Updated | 20 Nov 2009 |
| Type | Conference |
| Year | 2003 |
| Where | SIGSOFT |
| Authors | Suan Hsi Yong, Susan Horwitz |
Comments (0)
Researcher Info
|
