Protecting C programs from attacks via invalid pointer dereferences

12 years 7 months ago
Protecting C programs from attacks via invalid pointer dereferences
Writes via unchecked pointer dereferences rank high among vulnerabilities most often exploited by malicious code. The most common attacks use an unchecked string copy to cause a buffer overrun, thereby overwriting the return address in the function's activation record. Then, when the function "returns", control is actually transferred to the attacker's code. Other attacks may overwrite function pointers, setjmp buffers, system-call arguments, or simply corrupt data to cause a denial of service. A number of techniques have been proposed to address such attacks. Some are limited to protecting the return address only; others are more general, but have undesirable properties such as having a high runtime overhead, requiring manual changes to the source code, or forcing programmers to give up control of data representations and memory management. This paper describes the design and implementation of a security tool for C programs that addresses all these issues: it has ...
Suan Hsi Yong, Susan Horwitz
Added 20 Nov 2009
Updated 20 Nov 2009
Type Conference
Year 2003
Authors Suan Hsi Yong, Susan Horwitz
Comments (0)