×

System and methods for run time detection and correction of memory corruption

  • US 8,966,312 B1
  • Filed: 08/09/2013
  • Issued: 02/24/2015
  • Est. Priority Date: 02/09/2006
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • detecting an application layer memory corruption of at least one portion of a control section of original memory by malicious code during run-time, where the application layer memory corruption affects execution flow of an application when otherwise left uncorrected, wherein detecting includes performing at least two different invariant checks at run-time, each invariant check including (a) capturing a state of one or more registers and at least one portion of a data segment of the control section prior to execution of a function call, (b) checking the state after the execution of the function call against the captured state and (c) declaring application layer memory corruption if the checked state and the captured state do not match; and

    reporting the application layer memory corruption to a user.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×