Securing heap memory by data pointer encoding
| Autor: | Kyung-Tae Kim, Changwoo Pyo |
|---|---|
| Rok vydání: | 2012 |
| Předmět: |
Tagged pointer
Computer Networks and Communications Programming language C dynamic memory allocation Computer science Hazard pointer Smart pointer Linked list computer.software_genre Memory management Heap overflow Hardware and Architecture Dangling pointer Pointer swizzling TheoryofComputation_LOGICSANDMEANINGSOFPROGRAMS Pointer (computer programming) Escape analysis Binary heap computer Pointer analysis Software |
| Zdroj: | Future Generation Computer Systems. 28:1252-1257 |
| ISSN: | 0167-739X |
| DOI: | 10.1016/j.future.2011.02.006 |
| Popis: | Since pointer variables frequently cause programs to crash in unexpected ways, they often pose vulnerability abused as immediate or intermediate targets. Although code pointer attacks have been historically dominant, data pointer attacks are also recognized as realistic threats. This paper presents how to secure heap memory from data pointer attacks, in particular, heap overflow attacks. Our protection scheme encrypts the data pointers used for linking free chunks, and decrypts the pointers only before dereferencing. We also present a list structure with duplicate links that is harder to break than the conventional linked list structure. Our experiment shows that the proposed data pointer encoding is effective and has slightly better performance than the integrity check of link pointers in GNU's standard C library. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|
Full Text from ScienceDirect