POINTGUARD: METHOD AND SYSTEM FOR PROTECTING PROGRAMS AGAINST POINTER CORRUPTION ATTACKS
First Claim
1. A method of protecting an application computer program against pointer corruption attacks while employing a shared library, the method comprising the steps of:
- in the library, responsive to a function call, exporting at least two versions of the called function, including a first version and a second version, wherein one of the first and second versions effects pointer protection by encrypting a value of a pointer each time the value of the pointer is modified; and
decrypting the encrypted value of the pointer each time the pointer is read.
7 Assignments
0 Petitions
Accused Products
Abstract
To protect computer programs against security attacks that attempt to corrupt pointers within the address space of the program, the value of a pointer is encrypted each time the pointer is initialized or modified, and then the value is decrypted before use, i.e., each time the pointer is read. Preferably, the encrypting and decrypting steps are effected by instructions generated by a compiler during compilation of the program. One convenient method of implementing the encrypting and decrypting steps is by XOR'"'"'ing the pointer with a predetermined encryption key value, which could be specially selected or selected at random.
-
Citations
8 Claims
-
1. A method of protecting an application computer program against pointer corruption attacks while employing a shared library, the method comprising the steps of:
in the library, responsive to a function call, exporting at least two versions of the called function, including a first version and a second version, wherein one of the first and second versions effects pointer protection by encrypting a value of a pointer each time the value of the pointer is modified; and
decrypting the encrypted value of the pointer each time the pointer is read.- View Dependent Claims (2, 3, 4, 5, 6, 7)
-
8. A method of protecting a computer program against pointer corruption attacks while employing a shared library, comprising:
-
running a program; and
linking the program to a shared library, wherein at least one of the program and the shared library includes un-encrypted pointers, and at least one of the program and the shared library includes encrypted pointers.
-
Specification
-
- Resources
-
Current AssigneeApple Inc.
-
Original AssigneeNovell Incorporated (Open Text Corporation)
-
InventorsArnold, Seth, Beattie, Steven, Wagle, Perry, Cowan, Stanley
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/25
-
CPC Class CodesG06F 12/1408 by using cryptography for d...G06F 21/125 by manipulating the program...G06F 21/52 during program execution, e...G06F 9/4486 Formation of subprogram jum...
