Secure pointers
First Claim
Patent Images
1. A method comprising:
- receiving an address of a storage location of a pointer from code that accesses the pointer;
finding an entry in a pointer map based on the pointer, wherein the entry comprises an address of a storage location of a target of the pointer;
determining whether the entry further comprises the address of the storage location of the pointer; and
if the entry comprises the address of the storage location of the pointer, returning the address of the storage location of the target of the pointer to the code that accesses the pointer.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, apparatus, system, and signal-bearing medium that in an embodiment map a pointer to a target indirectly via a pointer map. In an embodiment, the pointer map is stored in a reserved area and an entry for the pointer in the pointer map includes a back-pointer containing an address of the pointer and a target-address containing the address of the target. When the pointer is accessed, the pointer is checked to ensure its contents point at the entry in the pointer map in the reserved area and that the back-pointer in the pointer map entry points back at the pointer. In this way, pointers are protected from being modified illegitimately.
12 Citations
20 Claims
-
1. A method comprising:
-
receiving an address of a storage location of a pointer from code that accesses the pointer; finding an entry in a pointer map based on the pointer, wherein the entry comprises an address of a storage location of a target of the pointer; determining whether the entry further comprises the address of the storage location of the pointer; and if the entry comprises the address of the storage location of the pointer, returning the address of the storage location of the target of the pointer to the code that accesses the pointer. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An apparatus comprising:
-
means for storing a target-address in an entry of a pointer-map, wherein the target-address comprises a first address of a storage location of a target of a pointer; means for storing a painter-address in the entry of the pointer-map, wherein the pointer-address comprises a second address of a storage location of the pointer; means for storing a third address of a location of the entry into the storage location of the pointer; means for receiving the pointer-address from code that accesses the pointer; means for finding the entry in the pointer map based on the pointer-address; and means for returning the target-address of the target of the pointer to the code that accesses the pointer if the entry comprises the pointer-address. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A signal-bearing medium encoded with instructions, wherein the instructions when executed by a processor comprise:
-
receiving a pointer-address, wherein the pointer-address comprises an address of a storage location of a pointer, and a target-address; determining whether a pointer has a valid entry in a pointer map based on the pointer-address;
wherein the determining further comprises determining whether the pointer-address exists in the pointer map;when the valid entry does not exist, creating a new entry in the pointer map for the pointer; and
storing the target-address in the new entry;receiving the pointer-address from code that accesses the pointer; finding the new entry in the pointer map based on the pointer address; and returning the target-address of a target of the pointer to the code that accesses the pointer if the new entry comprises the pointer-address. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A signal-bearing medium encoded with a data structure accessed by a controller that is to be executed by a processor, wherein the data structure comprises at least one entry, wherein the entry comprises:
-
a back-pointer, wherein the controller is to set an address of a storage location of a pointer in the back-pointer; and a target-address, wherein the controller is to set an address of a target of the pointer in the target-address, is to store an address of the entry in the storage location of the pointer, is to receive the address of the storage location of the pointer, and is to determine whether the pointer is valid based on whether content of the back-pointer equals the address of the storage location of the pointer, and is to find the target-address of the target based on the entry, and return the target-address of the target of the pointer to code that accesses the pointer if the pointer is valid. - View Dependent Claims (17)
-
-
18. An electronic device comprising:
-
a processor; and a storage device encoded with instructions, wherein the instructions when executed on the processor comprise; receiving a pointer-address, wherein the pointer-address comprises an address of a storage location of a pointer and a target-address, determining whether the pointer has an entry that is valid in a pointer map based on the pointer-address, wherein the determining further comprises determining whether a back-pointer in the entry comprises the pointer-address, when the pointer has the entry that is valid, storing the target-address in the valid entry, receiving the pointer-address from code that accesses the pointer, finding the entry in the pointer map based on the painter-address, and returning the target-address of a target of the pointer to the code that accesses the pointer if the entry comprises the pointer-address. - View Dependent Claims (19, 20)
-
Specification