Countering buffer overrun security vulnerabilities in a CPU
First Claim
1. A method of preventing buffer overrun security vulnerabilities comprising:
- executing a modified call routine for placing a random amount of empty space onto a stack;
executing a called function; and
executing a modified return routine for removing said random amount of empty space from the stack.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus are described for preventing security vulnerabilities resulting from buffer overruns. According to one embodiment of the present invention, CALL is modified to place a return address on the stack, and then a random amount of space is added to the stack. This random value is placed in a known place on the stack, or kept in a non-accessible CPU register. The rest of the stack is built normally. When RET is called it finds the number of bytes added to the stack and finds the return address on the stack and returns as normal. This method allows a simple hardware solution that will not be visible to the software, yet provide a powerful deterrent to hackers looking to exploit buffer overrun vulnerabilities in software. Without any software modifications we would be able to deter a significant number of buffer overrun attacks. By affecting components lower on the environment it is possible to influence a larger set of software. For example, it is possible to affect all of the software running on the system without having to change any of the software.
44 Citations
33 Claims
-
1. A method of preventing buffer overrun security vulnerabilities comprising:
-
executing a modified call routine for placing a random amount of empty space onto a stack;
executing a called function; and
executing a modified return routine for removing said random amount of empty space from the stack. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of preventing buffer overrun security vulnerabilities comprising:
-
searching an executable program for all function calls at the time the executable is installed;
adding a random amount of blank space to all stacks generated by said function calls;
adjusting all references to said stacks to compensate for said blank space. - View Dependent Claims (9, 10, 11, 13, 14, 15, 16, 17, 18, 20, 21, 22, 24, 25, 26, 27, 28, 29)
-
-
12. An apparatus comprising:
-
a storage device having stored therein one or more routines for preventing buffer overrun security vulnerabilities; and
a processor coupled to the storage device for executing the one or more routines that, when executing the routines, prevents buffer overrun errors by;
executing a modified call routine for placing a random amount of empty space onto a stack;
executing a called function; and
executing a modified return routine for removing said random amount of empty space from the stack.
-
-
19. An apparatus comprising:
-
a storage device having stored therein one or more routines for preventing buffer overrun security vulnerabilities; and
a processor coupled to the storage device for executing the one or more routines that, when executing the routines, prevents buffer overrun errors by;
searching an executable program for all function calls at the time the executable is installed;
adding a random amount of blank space to all stacks generated by said function calls;
adjusting all references to said stacks to compensate for said blank space.
-
-
23. A machine-readable medium having stored thereon data representing sequences of instructions, said sequences of instructions which, when executed by a processor, cause said processor to prevents buffer overrun errors by:
-
executing a modified call routine for placing a random amount of empty space onto a stack;
executing a called function; and
executing a modified return routine for removing said random amount of empty space from the stack.
-
-
30. A machine-readable medium having stored thereon data representing sequences of instructions, said sequences of instructions which, when executed by a processor, cause said processor to prevents buffer overrun errors by:
-
searching an executable program for all function calls at the time the executable is installed;
adding a random amount of blank space to all stacks generated by said function calls;
adjusting all references to said stacks to compensate for said blank space. - View Dependent Claims (31, 32, 33)
-
Specification