Pointguard: method and system for protecting programs against pointer corruption attacks
First Claim
1. A method of protecting an application computer program during execution outside of a special environment against pointer corruption attacks, the application computer program implemented using the C programming language, the method comprising the steps of:
- identifying a function;
- implementing a protected version of the function, the protected version of the function including:
  - encrypting values of all data pointers each time the values of the data pointers are modified; and
  - decrypting the encrypted value of at least one data pointer before use each time the data pointer is read; and
- exporting the protected version of the function and an unprotected version of the function, wherein said encrypting and decrypting steps are effected by instructions generated by a compiler during compilation of the said program.
21 Assignments
0 Petitions
Abstract
To protect computer programs against security attacks that attempt to corrupt pointers within the address space of the program, the value of a pointer is encrypted each time the pointer is initialized or modified, and then the value is decrypted before use, i.e., each time the pointer is read. Preferably, the encrypting and decrypting steps are effected by instructions generated by a compiler during compilation of the program. One convenient method of implementing the encrypting and decrypting steps is by XOR'ing the pointer with a predetermined encryption key value, which could be specially selected or selected at random.
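The following C program is an added illustration of the scheme the abstract describes; it is not code from the patent or from any PointGuard implementation. In the patented method the compiler emits the XOR encrypt/decrypt instructions around every pointer store and load; here the hypothetical helpers pg_store() and pg_load() stand in for those emitted instructions, and the key value is a constructed placeholder. The example shows the round trip on a correctly stored pointer, then the defender's view of a corruption: a raw address written over the encrypted slot decrypts to raw XOR key rather than to the address that was written, so the overwrite is diverted, whereas the unprotected variant (the "unprotected version of the function" the claims also export) takes the written value as-is. The last check in the usage note shows the caveat that a zero key gives no protection at all.

```c
/* Added example, not the patent's own code: a small simulation of
 * PointGuard-style pointer encryption. pg_store()/pg_load() are hypothetical
 * helpers standing in for the compiler-emitted encrypt/decrypt instructions. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Process-wide XOR key. The abstract allows a specially selected or random key;
 * the value installed in main() below is a constructed placeholder. */
static uintptr_t pg_key = 0;

void pg_set_key(uintptr_t key) { pg_key = key; }

/* An "encrypted pointer slot": the only form in which the pointer sits in memory. */
typedef struct { uintptr_t enc; } pg_ptr;

/* Encrypt on every store or modification (claim: each time the value is modified). */
static inline void pg_store(pg_ptr *slot, void *p) {
    slot->enc = (uintptr_t)p ^ pg_key;
}

/* Decrypt on every read (claim: before use, each time the pointer is read). */
static inline void *pg_load(const pg_ptr *slot) {
    return (void *)(slot->enc ^ pg_key);
}

/* Round trip: a pointer stored through pg_store() decrypts back to the original. */
int pg_roundtrip_ok(void) {
    int value = 42;
    pg_ptr slot;
    pg_store(&slot, &value);
    int *p = pg_load(&slot);
    return p == &value && *p == 42;
}

/* Defender's view of a corruption: a raw (unencrypted) address written over the
 * slot decrypts to raw ^ key, not to the raw address. The overwrite itself is
 * simulated with memcpy, without any real memory-safety bug.
 * Returns 1 when the decrypted pointer differs from the value that was written. */
int pg_corruption_diverted(uintptr_t raw_written) {
    pg_ptr slot;
    memcpy(&slot.enc, &raw_written, sizeof slot.enc);
    return (uintptr_t)pg_load(&slot) != raw_written;
}

/* Unprotected variant: a plain pointer slot, read back without decryption.
 * The written value is used as-is, so this always returns 0. */
int unprotected_corruption_diverted(uintptr_t raw_written) {
    void *slot;
    memcpy(&slot, &raw_written, sizeof slot);
    return (uintptr_t)slot != raw_written;
}

int main(void) {
    pg_set_key((uintptr_t)0x5A5A5A5A5A5A5A5AULL); /* constructed key, illustration only */
    printf("round trip ok:                   %d\n", pg_roundtrip_ok());
    printf("protected: overwrite diverted:   %d\n", pg_corruption_diverted((uintptr_t)0x400000));
    printf("unprotected: overwrite diverted: %d\n", unprotected_corruption_diverted((uintptr_t)0x400000));
    pg_set_key(0); /* zero key: XOR is the identity, so protection collapses */
    printf("protected, zero key, diverted:   %d\n", pg_corruption_diverted((uintptr_t)0x400000));
    return 0;
}
```

Because the key is XORed into every stored pointer, the scheme is only as strong as the secrecy of the key: a zero or disclosed key makes pg_load() return exactly what was written, which is why the abstract suggests a specially selected or random value.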
16 Claims
1. A method of protecting an application computer program during execution outside of a special environment against pointer corruption attacks, the application computer program implemented using the C programming language, the method comprising the steps of:
- identifying a function;
- implementing a protected version of the function, the protected version of the function including:
  - encrypting values of all data pointers each time the values of the data pointers are modified; and
  - decrypting the encrypted value of at least one data pointer before use each time the data pointer is read; and
- exporting the protected version of the function and an unprotected version of the function, wherein said encrypting and decrypting steps are effected by instructions generated by a compiler during compilation of the said program.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method of protecting an application computer program during execution outside of a special environment against pointer corruption attacks, the application computer program implemented using the C programming language, the method comprising the steps of:
- identifying a function;
- implementing a protected version of the function, the protected version of the function including:
  - encrypting values of pointers each time the values of the pointers are modified; and
  - decrypting the encrypted value of at least one pointer before use each time the pointer is read; and
- exporting the protected version of the function and an unprotected version of the function, wherein said encrypting and decrypting steps are effected by instructions generated by a compiler during compilation of the said program.

Dependent claims: 10, 11, 12, 13, 14, 15, 16