When stack protection does not protect the stack?
نویسندگان
چکیده
منابع مشابه
StackGhost: Hardware Facilitated Stack Protection
Conventional security exploits have relied on overwriting the saved return pointer on the stack to hijack the path of execution. Under Sun Microsystem’s Sparc processor architecture, we were able to implement a kernel modification to transparently and automatically guard applications’ return pointers. Our implementation called StackGhost under OpenBSD 2.8 acts as a ghost in the machine. StackGh...
متن کاملHow Does Safety Stack Up ?
SH&E PROFESSIONALS have a vested interest in knowing more about top-level management—most of whom determine what resources are designated for safety within organizations. By knowing more about these managers’ perceptions of safety, an SH&E professional may be better equipped to negotiate for valued resources. For example, suppose you know that top-level managers within your industry think that ...
متن کاملStack Bounds Protection with Low Fat Pointers
Object bounds overflow errors are a common source of security vulnerabilities. In principle, bounds check instrumentation eliminates the problem, but this introduces high overheads and is further hampered by limited compatibility against un-instrumented code. On 64-bit systems, low-fat pointers are a recent scheme for implementing efficient and compatible bounds checking by transparently encodi...
متن کاملStackGuard: Simple Stack Smash Protection for GCC
Since 1998, StackGuard patches to GCC have been used to protect entire distributions from stack smashing buffer overflows. Performance overhead and software compatibility issues have been minimal. In its history, the parts of GCC that StackGuard has operated in have twice changed enough to require complete overhauls of the StackGuard patch. Since StackGuard is a mature technology, even seeing r...
متن کاملclass STACK ( T ) is { { Implementation of STACK
Embedded speciications in object-oriented (OO) languages such as Eiiel and Sather are based on a rigorous approach towards validation, compatibility and reusability of sequential programs. The underlying method of \design-by-contract" is based on Hoare logic for which concurrency extensions exist. However concurrent OO languages are still in their infancy. They have inherently imperative facets...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Proceedings of the Institute for System Programming of the RAS
سال: 2016
ISSN: 2079-8156,2220-6426
DOI: 10.15514/ispras-2016-28(5)-3