Methods, apparatus, and data structures for data driven computer patches and static analysis of same

US 5,790,856 A
Filed: 05/08/1995
Issued: 08/04/1998
Est. Priority Date: 05/08/1995
Status: Expired due to Term

First Claim

Patent Images

1. A computer implemented process intended to execute within a dynamically linked computing environment, the dynamically linked computing environment capable of supporting a plurality of computer implemented processes, the dynamically linked computing environment providing a given function available for use by said plurality of computer implemented processes, the computer implemented process having a dynamically linked and patched library structure comprising:

a root code fragment including root functionality for said computer implemented process, said computer implemented process using said given function, said root code fragment including a main symbol and at least one import symbol, wherein said main symbol is used to launch said computer implemented process after it has been bound to any import library code fragments that it requires;

an import library code fragment linked to said root code fragment by said at least one library import symbol, such that said import library code fragment can be bound to said root code fragment prior to said launch of said computer implemented process; and

a patch library code fragment stored in a predefined format such that the patch library code fragment is discernible when the computer implemented process is in a quiescent state, the patch library code fragment including a patch description data structure having at least one patch descriptor which indicates a patch which is intended to affect said given function utilized by said computer implemented process,wherein the presence of said patch library code fragment in said dynamically linked and patched library structure is operable to affect a functionality of said given function only with respect to said computer implemented process.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention teaches a variety of methods, apparatus and data structures for providing data driven patching. According to one embodiment, patches are stored in a known format in a discernible location. In the described embodiment, each fragment code may have a corresponding patch library. This enables the patches to be located and analyzed in a quiescent state. In a method aspect of the present invention, the operating system, or a separate utility program, can evaluate and selectively add patches. Therefore, the present invention introduces a patch integrity validation layer into the patching process. In another method aspect, the invention teaches evaluating the patches in a quiescent state whereby the patches introduced by a program or a combination of programs may be exhaustively evaluated prior to execution.

340 Citations

41 Claims

1. A computer implemented process intended to execute within a dynamically linked computing environment, the dynamically linked computing environment capable of supporting a plurality of computer implemented processes, the dynamically linked computing environment providing a given function available for use by said plurality of computer implemented processes, the computer implemented process having a dynamically linked and patched library structure comprising:
- a root code fragment including root functionality for said computer implemented process, said computer implemented process using said given function, said root code fragment including a main symbol and at least one import symbol, wherein said main symbol is used to launch said computer implemented process after it has been bound to any import library code fragments that it requires;
  
  an import library code fragment linked to said root code fragment by said at least one library import symbol, such that said import library code fragment can be bound to said root code fragment prior to said launch of said computer implemented process; and
  
  a patch library code fragment stored in a predefined format such that the patch library code fragment is discernible when the computer implemented process is in a quiescent state, the patch library code fragment including a patch description data structure having at least one patch descriptor which indicates a patch which is intended to affect said given function utilized by said computer implemented process,wherein the presence of said patch library code fragment in said dynamically linked and patched library structure is operable to affect a functionality of said given function only with respect to said computer implemented process.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. A computer implemented process as recited in claim 1 wherein said patch library code fragment and said import library code fragment are connected by a link mechanism, said link mechanism arranged to enable inclusion of said patch library code fragment within said process.
  - 3. A computer implemented process as recited in claim 2 wherein said import library code fragment and said patch library code fragment each include an identical name descriptor, said identical name descriptor serving as said link mechanism.
  - 4. A computer implemented process as recited in claim 3 wherein said import library code fragment further includes a type import library descriptor and said patch library code fragment further includes a type patch library descriptor, whereby said import library code fragment and said patch library code fragment are readably distinguished.
  - 5. A computer implemented process as recited in claim 1 wherein said root code fragment and said import library code fragment are connected by a link mechanism, said link mechanism arranged to enable inclusion of said patch library code fragment within said process.
  - 6. A computer implemented process as recited in claim 5 wherein said root code fragment and said patch library code fragment each include an identical name descriptor, said identical name descriptor serving as said link mechanism.
  - 7. A computer implemented process as recited in claim 6 wherein said import library code fragment further includes a type application descriptor and said patch library code fragment includes a type patch library descriptor, whereby said root code fragment and said patch library code fragment are readably distinguished.
  - 8. A computer implemented process as recited in claim 1 wherein said computer implemented process is resident on a computer system and said patch library code fragment is arranged to be included in every process implemented on said computer system.
  - 9. A computer implemented process as recited in claim 1 wherein said computer implemented process is resident on a computer system and said patch library code fragment is arranged to be selectively included in any process implemented on said computer system.
  - 10. A computer implemented process as recited in claim 1 wherein said patch description data structure further includes a signature element, said signature element indicating that said patch library code fragment is a patch type library, said signature element for use in a consistency check which verifies the type of said patch library code fragment.
  - 11. A computer implemented process as recited in claim 1 wherein said at least one patch descriptor includes an original routine pointer pointing to said given function.
  - 12. A computer implemented process as recited in claim 1 wherein said at least one patch descriptor includes a patch routine pointer pointing to said patch.
  - 13. A computer implemented process as recited in claim 1 wherein said at least one patch descriptor includes ordering information, said ordering information arranged to indicate an insertion point for said patch within a patch chain for said given function, said patch chain intended to affect said given function.
  - 14. A computer implemented process as recited in claim 1 wherein said at least one patch descriptor includes an activate on install flag, said activate on install flag arranged to indicate whether said patch is to affect said given function immediately after installation or if said patch is to remain quiescent after installation.
  - 15. A computer implemented process as recited in claim 1 wherein said at least one patch descriptor includes a status flag arranged to indicate if said patch was successfully installed.
  - 16. A computer implemented process as recited in claim 1 wherein said at least one patch descriptor comprises:
    - an original routine pointer pointing to said given function;
      
      a patch routine pointer pointing to said patch;
      
      ordering information arranged to indicate an insertion point for said patch within a patch chain for said given function, said patch chain intended to affect said given function;
      
      an activate on install flag, said activate on install flag arranged to indicate whether said patch is to affect said given function immediately after installation or if said patch is to remain quiescent after installation; and
      
      a status flag arranged to indicate if said patch was successfully installed.
  - 17. A computer system comprising:
    - a central processing unit;
      
      memory coupled to said central processing unit; and
      
      a process as recited in claim 1, said process resident in said memory and executing on said central processing unit.

18. A method for binding a computer implemented process in preparation for execution within a dynamically linked computing environment, the dynamically linked computing environment capable of supporting a plurality of computer implemented processes, the dynamically linked computing environment providing a given function available for use by said plurality of computer implemented processes, the computer implemented process having a dynamically linked and patched library structure, the method comprising the steps of:
- retrieving a root code fragment including root functionality for said computer implemented process, said computer implemented process using said given function, said root code fragment including a main symbol and a list of import symbols, wherein said main symbol is used to launch said computer implemented process after it has been bound to any import library code fragments that it requires;
  
  retrieving all import library code fragments linked to said root code fragment due to the inclusion of a symbol in said library code fragment that corresponds to a symbol in said list of import symbols;
  
  determining which patch library code fragments are linked to said retrieved import library code fragments, each of said patch library code fragments including a patch description data structure having at least one patch which affects said given function utilized by said computer implemented process;
  
  binding all import library code fragments that are linked to said root fragment to said root fragment; and
  
  installing said at least one patch to affect the use of said given function by said computer implemented process such that a call made by said computer implemented process to said given function is re-directed to said patch,wherein the installation of said patch library code fragment in said dynamically linked and patched library structure is operable to affect a functionality of said given function only with respect to said computer implemented process.
- View Dependent Claims (19, 20, 21, 22, 23, 24)
- - 19. A method as recited in claim 18 wherein each retrieved import library code fragment has an import library name and said step for determining which patch library code fragments are linked to said retrieved import library code fragments includes the substeps of:
    - providing a list of possible patch library code fragments, each possible patch library code fragment including a patch library name;
      
      for each possible patch library fragment, determining if said patch library name matches an import library name corresponding to one of said retrieved import library code fragments;
      
      retrieving each patch library fragment whose patch library name matches an import library name corresponding to one of said retrieved import library code fragments.
  - 20. A method as recited in claim 18 further including the step of retrieving said patch library code fragments which are linked to said retrieved import library code fragments.
  - 21. A method as recited in claim 18 further including the steps of:
    - determining which patch library code fragments are linked to said root code fragment;
      
      retrieving all patch library code fragments which are linked to said root code fragment; and
      
      installing each patch indicated within said all patch library code fragments which are linked to said root code fragment.
  - 22. A method as recited in claim 18 further including the step of generating an empty data closure wherein all fragments intended for use in said process will be installed upon retrieval, said empty data closure arranged to allocate memory for said process.
  - 23. A method as recited in claim 22 wherein said step of retrieving all import library code fragments linked to said root code fragment includes the following substeps performed for each retrieved library:
    - mapping a current library into memory, said mapping generating an executable instance of said retrieved library;
      
      creating sections for said current library; and
      
      assigning export addresses for said current library.
  - 24. A method as recited in claim 18 further including the steps of:
    - retrieving all import library code fragments linked to said import library code fragments linked to said root code fragment which have not already been retrieved;
      
      retrieving all import library code fragments linked to said patch library code fragments linked to said retrieved import library code fragments.

25. A method for statically testing a computer implemented process intended for execution within a dynamically linked computing environment, the dynamically linked computing environment capable of supporting a plurality of computer implemented processes, the dynamically linked computing environment providing a given function available for use by said plurality of computer implemented processes, the computer implemented process having a dynamically linked and patched library structure, the method comprising:
- retrieving a root code fragment including root functionality for said computer implemented process, said computer implemented process using said given function, said root code fragment including a main symbol and a list of import symbols, wherein said main symbol is used to launch said computer implemented process after it has been bound to any import library code fragments that it requires;
  
  retrieving all import library code fragments linked to said root code fragment due to the inclusion of a symbol in said library code fragment that corresponds to a symbol in said list of import symbols;
  
  determining which patch library code fragments are linked to said retrieved import library code fragments, each of said patch library code fragments including a patch description data structure including at least one patch which affects said given function utilized by said computer implemented process, the linking of said at least one patch being operable to affect said given function only with respect to said computer implemented process;
  
  binding all import library code fragments that are linked to said root fragment to said root fragment; and
  
  statically analyzing the functionality of said at least one patch to predict the result of a call made by said computer implemented process to said given function after said call has been re-directed to said patch.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. A method as recited in claim 25 wherein each retrieved import library code fragment has an import library name and said step for determining which patch library code fragments are linked to said retrieved import library code fragments includes the substeps of:
    - providing a list of possible patch library code fragments, each possible patch library code fragment including a patch library name;
      
      for each possible patch library fragment, determining if said patch library name matches an import library name corresponding to one of said retrieved import library code fragments;
      
      retrieving each patch library fragment whose patch library name matches an import library name corresponding to one of said retrieved import library code fragments.
  - 27. A method as recited in claim 25 further including the step of retrieving said patch library code fragments which are linked to said retrieved import library code fragments.
  - 28. A method as recited in claim 25 further including the steps of:
    - determining which patch library code fragments are linked to said root code fragment;
      
      retrieving all patch library code fragments which are linked to said root code fragment; and
      
      analyzing each patch indicated within said all patch library code fragments which are linked to said root code fragment.
  - 29. A method as recited in claim 25 further including the step of generating an empty data closure wherein all fragments intended for use in said process will be installed upon retrieval, said empty data closure arranged to allocate memory for said process.
  - 30. A method as recited in claim 29 wherein said step of retrieving all import library code fragments linked to said root code fragment includes the substep of mapping each retrieved library into memory, said mapping generating an executable instance of said retrieved library.
  - 31. A method as recited in claim 25 further including the steps of:
    - retrieving all import library code fragments linked to said import library code fragments linked to said root code fragment which have not already been retrieved;
      
      retrieving all import library code fragments linked to said patch library code fragments linked to said retrieved import library code fragments.
  - 32. A method as recited in claim 25 further including the computer controlled step of generating a report in response to said analyzing step, said report including information regarding said predicted results of a call made by said desired process to said given function after said call has been re-directed to said patch.

33. A binding manager for binding a dynamically linked and patched library structure into a desired process intended for execution within a dynamically linked computing environment, the dynamically linked computing environment capable of supporting a plurality of computer implemented processes, the dynamically linked computing environment providing a given function available for use by said plurality of computer implemented processes, the binding manager comprising:
- digital processor means;
  
  memory means coupled to said digital processor means;
  
  fragment retrieving means executing on said digital processor means for retrieving root code fragments and import library code fragments stored in said memory means, wherein each of said root code fragments includes root functionality for a desired process, said desired process using said given function, each root code fragment including a main symbol and a list of import symbols, wherein said main symbol is used to launch said desired process after it has been bound to any import library code fragments that it requires, and wherein said import library code fragments are linked to said root code fragment due to the inclusion of a symbol in said library code fragment that corresponds to a symbol in said list of import symbols;
  
  fragment handling means executing on said digital processor means for determining which patch library code fragments are linked to said retrieved import library code fragments, said patch library code fragments each including a patch description data structure including at least one patch which affects said given function utilized by said desired process, the linking of said at least one patch being operable to affect said given function only with respect to said desired process;
  
  binding means executing on said digital processor for binding all import library code fragments that are linked to said root fragment to said root fragment; and
  
  patch manager means executing on said digital processor for installing said at least one patch to affect the use of said given function by said desired process such that a call made by said desired process to said given function is re-directed to said patch.
- View Dependent Claims (34, 35, 36)
- - 34. A binding manager as recited in claim 33 wherein each retrieved import library code fragment has an import library name and said fragment handling means includes:
    - means for providing a list of possible patch library code fragments, each possible patch library code fragment including a patch library name;
      
      match determination means responsive to said list of patch library code fragments for determining if a specific patch library name matches an import library name corresponding to one of said retrieved import library code fragments;
      
      fragment retrieval means responsive to said match determination means for retrieving each patch library fragment whose patch library name matches an import library name corresponding to one of said retrieved import library code fragments.
  - 35. A binding manager as recited in claim 33 further including means for generating an empty data closure wherein all fragments intended for use in said process will be installed upon retrieval, said empty data closure arranged to allocate memory for said process.
  - 36. A binding manager as recited in claim 33 wherein said fragment retrieving means includes:
    - mapping means for mapping a retrieved library into memory, said mapping means operative to generate an executable instance of said retrieved library;
      
      section means for creating sections for said retrieved library; and
      
      export means for assigning export addresses for said retrieved library.

37. A static patch analyzer for analyzing a dynamically linked and patched library structure intended for use within a dynamically linked computing environment, the dynamically linked computing environment capable of supporting a plurality of computer implemented processes, the dynamically linked computing environment providing a given function available for use by said plurality of computer implemented processes, the static patch analyzer comprising:
- digital processor means;
  
  memory means coupled to said digital processor means;
  
  fragment retrieving means executing on said digital processor means for retrieving root code fragments and import library code fragments stored in said memory means, wherein each of said root code fragments includes root functionality for a desired process, said desired process using said given function, each root code fragment including a main symbol and a list of import symbols, wherein said main symbol is used to launch said desired process after it has been bound to any import library code fragments that it requires, and wherein said import library code fragments are linked to said root code fragment due to the inclusion of a symbol in said library code fragment that corresponds to a symbol in said list of import symbols;
  
  fragment handling means executing on said digital processor means for determaining which patch library code fragment are linked to said retrieved import library code fragments, said patch library code fragment including a patch description data structure including at least one patch which affects said given function utilized by said desired process, the linking of said at least one patch being operable to affect said given function only with respect to said desired process;
  
  binding means executing on said digital processor for binding all import library code fragments that are linked to said root fragment to said root fragment; and
  
  patch analyzer means for statically analyzing the functionality of said at least one patch to predict the result of a call made by said desired process to said given function after said call has been re-directed to said patch.
- View Dependent Claims (38, 39, 40, 41)
- - 38. A static patch analyzer as recited in claim 37 wherein each retrieved import library code fragment has an import library name and said fragment handling means includes:
    - means for providing a list of possible patch library code fragments, each possible patch library code fragment including a patch library name;
      
      match determination means responsive to said list of patch library code fragments for determining if a specific patch library name matches an import library name corresponding to one of said retrieved import library code fragments;
      
      means responsive to said match determination means for retrieving each patch library fragment whose patch library name matches an import library name corresponding to one of said retrieved import library code fragments.
  - 39. A static patch analyzer as recited in claim 37 further including means for generating an empty data closure wherein all fragments intended for use in said desired process will be installed upon retrieval, said empty data closure arranged to allocate memory for said process.
  - 40. A binding manager as recited in claim 37 wherein said fragment retrieving means includes:
    - mapping means for mapping a retrieved library into memory, said mapping means operative to generate an executable instance of said retrieved library;
      
      section means for creating sections for said retrieved library; and
      
      export means for assigning export addresses for said retrieved library.
  - 41. A binding manager as recited in claim 37 further including report generation means responsive to said patch analyzer means to generate a report in response to said analyzing step, said report including information regarding said predicted results of a call made by said desired process to said given function after said call has been re-directed to said patch.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Computer Incorporated (Apple Inc.)
Inventors
Lillich, Alan W.
Primary Examiner(s)
Kriess, Kevin A.
Assistant Examiner(s)
CORCORAN, PETER JOSEPH

Application Number

US08/436,945
Time in Patent Office

1,184 Days
Field of Search

395/700, 395/650, 395/705, 395/710, 395/712, 395/653, 395/703
US Class Current

717/163
CPC Class Codes

G06F 8/30 Creation or generation of s...

G06F 8/65 Updates security arrangemen...

Methods, apparatus, and data structures for data driven computer patches and static analysis of same

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

340 Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

Methods, apparatus, and data structures for data driven computer patches and static analysis of same

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

340 Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links