System and method for preventing race condition vulnerability

  • US 8,127,413 B2
  • Filed: 07/11/2006
  • Issued: 03/06/2012
  • Est. Priority Date: 07/11/2006
  • Status: Expired due to Fees

1. A method for reducing vulnerability in a computer system, the computer system having a generation unit, a timer and memory, by identifying vulnerable pairs of function calls, comprising the steps of:

    generating, by the generation unit, a plurality of pairs of the function calls according to a predefined criteria;

    invoking a first function call from a pair of the function calls by a first user;

    creating a file invariant associated with the pair of the function calls, the file invariant having a tainted flag;

    starting the timer;

    associating the timer with the file invariant;

    if a second function call is from the pair of the function calls and is invoked by a second user and the timer has not expired, denying the second function call to the second user;

    if the second function call is from the pair of the function calls and is invoked by the second user and the timer has expired, setting the tainted flag for the file invariant and allowing the second function call by the second user;

    if the second function call is from the pair of the function calls and is invoked by the first user and the tainted flag for the file invariant is set, denying the second function call to the first user; and

    if the second function call is from the pair of the function calls and is invoked by the first user and the tainted flag for the file invariant is not set, allowing the second function call to the first user, removing the file invariant, and stopping the timer.
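
The decision logic of claim 1, as an added example that is not taken from the patent or any implementation of it. The `Guard` and `Invariant` names, the `access`/`open` pair, keying the invariant by file path, the 5-second window and the explicit `now` argument (a simulated clock) are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed pair; the claim only says pairs are generated "according to a predefined criteria".
PAIRS = {("access", "open")}

@dataclass
class Invariant:
    owner: str          # the first user, who invoked the first call of the pair
    pair: tuple         # the pair of function calls this invariant protects
    expires_at: float   # the timer associated with the invariant
    tainted: bool = False

class Guard:
    def __init__(self, window=5.0):
        self.window = window      # assumed timer duration, in seconds
        self.invariants = {}      # path -> Invariant (keying by path is an assumption)

    def call(self, user, func, path, now):
        """Return 'allow' or 'deny' for user invoking func on path at time now."""
        inv = self.invariants.get(path)
        if inv is None:
            # First call of a pair: create the invariant and start its timer.
            for pair in PAIRS:
                if func == pair[0]:
                    self.invariants[path] = Invariant(user, pair, now + self.window)
            return "allow"
        if func not in inv.pair:
            return "allow"        # the claim only constrains calls from the pair
        if user != inv.owner:
            if now < inv.expires_at:
                return "deny"     # second user, timer not expired
            inv.tainted = True    # second user, timer expired: taint and allow
            return "allow"
        if inv.tainted:
            return "deny"         # first user, but the file state can no longer be trusted
        del self.invariants[path] # first user, untainted: remove invariant, stop timer
        return "allow"
```
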
