CA2465626A1 - Program security through stack segregation - Google Patents

Info

Publication number: CA2465626A1
Authority: CA (Canada)
Prior art keywords: stack data, data structures, execution items, stack, classes
Legal status: Granted
Application number: CA002465626A
Other languages: French (fr)
Other versions: CA2465626C (en)
Inventors: Michael L. Asher, Charles C. Giddens, Harold Jeffrey Stewart
Current assignee: AT&T Corp
Original assignees: At&T Corp.; Michael L. Asher; Charles C. Giddens; Harold Jeffrey Stewart
Priority date: 2003-04-30
Filing date: 2004-04-30
Publication date: 2004-10-30
Events: application filed by At&T Corp., Michael L. Asher, Charles C. Giddens and Harold Jeffrey Stewart; publication of CA2465626A1; application granted; publication of CA2465626C; anticipated expiration; current status Expired - Fee Related

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 9/00 Arrangements for program control, e.g. control units
    • G06F 9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F 9/44 Arrangements for executing specific programs
    • G06F 12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F 12/14 Protection against unauthorised use of memory or access to memory
    • G06F 12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F 12/1425 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights, the protection being physical, e.g. cell, word, block
    • G06F 12/1441 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights, the protection being physical, e.g. cell, word, block, for a range
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems, during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow

Abstract

For each process, a stack data structure is created that consists of two stacks joined at their bases: a normal stack, which grows downward, and an inverse stack, which grows upward. Items on the stack data structure are segregated into protected and unprotected classes. Protected items, namely frame pointers and return addresses, are stored on the normal stack. Unprotected items, namely function parameters and local variables, are stored on the inverse stack.
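The layout described in the abstract, as an added simulation that is not part of the patent: one memory region, a normal stack holding the protected items (return address, frame pointer) growing downward from the shared base, an inverse stack holding the unprotected local buffer growing upward from that same base, set beside a conventional single downward stack. All addresses, the region size and the fill value are constructed for the demonstration; writes that leave the region are dropped, standing in for the fault a guard page would raise.

```c
#include <stdint.h>
#include <stdio.h>

#define REGION_WORDS 64
#define BASE         (REGION_WORDS / 2)   /* the two stacks are joined here */
#define BUF_WORDS    4                    /* local buffer size in each frame */
#define RET_ADDR     0x00401234u          /* constructed return address */
#define FRAME_PTR    0x7ffe0010u          /* constructed saved frame pointer */
#define FILL         0x41414141u          /* constructed overflow data */

typedef struct { uint32_t mem[REGION_WORDS]; int sp; int isp; } region;

/* Protected class: pushed on the normal stack, which grows toward lower
 * addresses from BASE. Returns 0 when the normal stack is full. */
static int push_protected(region *r, uint32_t v) {
    if (r->sp == 0) return 0;
    r->mem[--r->sp] = v;
    return 1;
}

/* Unprotected class: allocated on the inverse stack, which grows toward higher
 * addresses from BASE. Returns the first word's index, or -1 if it does not fit. */
static int alloc_unprotected(region *r, int words) {
    if (r->isp + words > REGION_WORDS) return -1;
    int at = r->isp;
    r->isp += words;
    return at;
}

/* Write n words into the BUF_WORDS-word buffer at index `at`; n > BUF_WORDS
 * models a local buffer overflow. Writes past the region are dropped (fault). */
static void fill_buffer(region *r, int at, int n) {
    for (int i = 0; i < n && at + i < REGION_WORDS; i++) r->mem[at + i] = FILL;
}

/* Segregated stacks: return address and frame pointer below BASE, the local
 * buffer at or above BASE. Returns the return address read back at return. */
uint32_t segregated_return_addr(int n) {
    region r = { .sp = BASE, .isp = BASE };
    push_protected(&r, RET_ADDR);
    push_protected(&r, FRAME_PTR);
    int buf = alloc_unprotected(&r, BUF_WORDS);   /* buf >= BASE: overflow goes up, away */
    fill_buffer(&r, buf, n);
    return r.mem[r.sp + 1];                       /* sp+1 is the return address slot */
}

/* Conventional single stack: the buffer sits directly below the saved frame
 * pointer and return address, so writing past its end reaches them. */
uint32_t conventional_return_addr(int n) {
    region r = { .sp = REGION_WORDS };
    r.mem[--r.sp] = RET_ADDR;
    r.mem[--r.sp] = FRAME_PTR;
    r.sp -= BUF_WORDS;                            /* buffer at mem[sp .. sp+BUF_WORDS-1] */
    fill_buffer(&r, r.sp, n);
    return r.mem[r.sp + BUF_WORDS + 1];           /* the return address slot */
}

int main(void) {
    int n = BUF_WORDS + 2;   /* two words past the end of the buffer */
    printf("segregated:   0x%08x\n", (unsigned)segregated_return_addr(n));
    printf("conventional: 0x%08x\n", (unsigned)conventional_return_addr(n));
    return 0;
}
```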

Claims (20)

1. A method for executing computer processes comprising receiving execution items for each said computer process, creating a plurality of stack data structures, segregating said execution items into a plurality of classes of execution items, pushing execution items in at least a first set of said classes on respective ones of a set of first stack data structures, each of said first stack data structures being addressed by a stack pointer, storing execution items in at least a second set of said classes in respective ones of a set of second stack data structures, each of said second stack data structures being addressed by an inverse stack pointer, and applying said execution items to an instruction execution unit by selectively popping said execution items in said at least a first set of said classes from said first set of stack data structures, and selectively reading said execution items in said at least a second set of said classes from said second stack data structures.
2. The method of claim 1 wherein said execution items comprise stack pointers, frame pointers, return addresses, global variables, local variables, string variables, array variables.
3. The method of claim 1 wherein said segregating said execution items into a plurality of classes of execution items comprises segregating said execution items into at least a protected class of execution items and a non-protected class of execution items.
4. The method of claim 1 wherein said set of first stack data structures comprises at least one normal stack data structure.
5. The method of claim 3 wherein said pushing of execution items in at least a first set of said classes in respective ones of a set of first stack data structures comprises pushing said protected class of execution items on respective ones of a set of first stack data structures.
6. The method of claim 5 wherein said set of first stack data structures comprises at least one normal stack data structure.
7. The method of claim 6 wherein said set of first stack data structures comprises exactly one normal stack data structure.
8. The method of claim 1 wherein said set of second stack data structures comprises at least one inverse stack data structure.
9. The method of claim 3 wherein said storing execution items in at least a second set of said classes in respective ones of a set of second stack data structures comprises storing said non-protected class of execution items on respective ones of a set of second stack data structures.
10. The method of claim 9 wherein said set of second stack data structures comprises at least one inverse stack data structure.
11. The method of claim 10 wherein said set of second stack data structures comprises exactly one inverse stack data structure.
12. The method of claim 5 wherein said selectively popping said execution items in said at least a first set of said classes from said first set of stack data structures comprises popping said protected class of execution items from respective ones of said set of first stack data structures.
13. The method of claim 12 wherein said set of first stack data structures comprises at least one normal stack data structure.
14. The method of claim 12 wherein said set of first stack data structures comprises exactly one normal stack data structure.
15. The method of claim 5 wherein said selectively reading said execution items in said at least a second set of said classes from said second stack data structures comprises reading said non-protected class of execution items from respective ones of said set of second stack data structures.
16. The method of claim 15 wherein said set of second stack data structures comprises at least one inverse stack data structure.
17. The method of claim 15 wherein said set of second stack data structures comprises exactly one inverse stack data structure.
18. The method of claim 1 wherein said execution items in said at least a second set of said classes comprises string variables.
19. The method of claim 1 wherein said execution items in said at least a second set of said classes comprises string variables.
20. The method of claim 1 wherein said execution items in said at least a first set of said classes comprises stack pointers, frame pointers and return addresses.

Applications Claiming Priority (2)

Application Number   Priority Date   Filing Date   Title
US46647503P          2003-04-30      2003-04-30
US60/466,475         2003-04-30

Publications (2)

Publication Number   Publication Date
CA2465626A1 (en)     2004-10-30
CA2465626C (en)      2010-09-21

Family

ID: 33418384

Family Applications (1)

Application Number   Status                 Publication        Priority Date   Filing Date   Title
CA2465626A           Expired - Fee Related  CA2465626C (en)    2003-04-30      2004-04-30    Program security through stack segregation

Country Status (2)

Country   Link
US (2)    US7660985B2 (en)
CA (1)    CA2465626C (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7251735B2 (en) * 2003-07-22 2007-07-31 Lockheed Martin Corporation Buffer overflow protection and prevention
US20070083770A1 (en) * 2005-09-17 2007-04-12 Technology Group Northwest Inc. System and method for foiling code-injection attacks in a computing device
EP1960934B1 (en) * 2005-12-13 2012-03-21 Gemalto SA Method for making secure execution of an intermediate language software code in a portable appliance
EP1881404A1 (en) * 2006-07-20 2008-01-23 Gemplus Method for dynamic protection of data during intermediate language software execution in a digital device
US8806439B1 (en) * 2007-04-30 2014-08-12 AT & T Intellectual Property II, LP System and method for program stack security
US9292702B2 (en) * 2009-08-20 2016-03-22 International Business Machines Corporation Dynamic switching of security configurations
US8508782B2 (en) 2010-12-23 2013-08-13 Konica Minolta Laboratory U.S.A., Inc. Method of securing printers against malicious software
US8990546B2 (en) 2011-10-31 2015-03-24 Freescale Semiconductor, Inc. Data processing system with safe call and return
CN103294517B (en) * 2012-02-22 2018-05-11 国际商业机器公司 Stack overflow protective device, stack protection method, dependent compilation device and computing device
CA2809516C (en) * 2013-03-13 2016-11-08 Khalid Nawaf Alharbi Preventing stack buffer overflow attacks
US9245110B2 (en) 2013-12-17 2016-01-26 International Business Machines Corporation Stack entry overwrite protection
US20160028767A1 (en) * 2014-07-25 2016-01-28 Jose Ismael Ripoll Method for Preventing Information Leaks on the Stack Smashing Protector Technique
KR101695639B1 (en) * 2014-08-13 2017-01-16 (주)잉카엔트웍스 Method and system for providing application security service based on cloud
US10867031B2 (en) 2015-07-23 2020-12-15 Apple Inc. Marking valid return targets
US10157268B2 (en) 2016-09-27 2018-12-18 Microsoft Technology Licensing, Llc Return flow guard using control stack identified by processor register
US11157611B2 (en) 2018-01-02 2021-10-26 Blackberry Limited Binary image stack cookie protection
US10462177B1 (en) * 2019-02-06 2019-10-29 Xm Cyber Ltd. Taking privilege escalation into account in penetration testing campaigns

Family Cites Families (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4524416A (en) 1980-04-15 1985-06-18 Honeywell Information Systems Inc. Stack mechanism with the ability to dynamically alter the size of a stack in a data processing system
US4674032A (en) * 1984-04-02 1987-06-16 Unisys Corporation High-performance pipelined stack with over-write protection
US5107457A (en) 1989-04-03 1992-04-21 The Johns Hopkins University Stack data cache having a stack management hardware with internal and external stack pointers and buffers for handling underflow and overflow stack
US5483649A (en) * 1994-07-01 1996-01-09 Ybm Technologies, Inc. Personal computer security system
EP0818007B1 (en) 1995-03-31 2006-05-10 The Commonwealth Of Australia Method and means for interconnecting different security level networks
US5742762A (en) 1995-05-19 1998-04-21 Telogy Networks, Inc. Network management gateway
US6418324B1 (en) 1995-06-01 2002-07-09 Padcom, Incorporated Apparatus and method for transparent wireless communication between a remote device and host system
US20040264402A9 (en) 1995-06-01 2004-12-30 Padcom. Inc. Port routing functionality
US5913024A (en) 1996-02-09 1999-06-15 Secure Computing Corporation Secure server utilizing separate protocol stacks
US5918018A (en) 1996-02-09 1999-06-29 Secure Computing Corporation System and method for achieving network separation
US6003084A (en) 1996-09-13 1999-12-14 Secure Computing Corporation Secure network proxy for connecting entities
US5983350A (en) 1996-09-18 1999-11-09 Secure Computing Corporation Secure firewall supporting different levels of authentication based on address or encryption status
US5950195A (en) 1996-09-18 1999-09-07 Secure Computing Corporation Generalized security policy management system and method
US5915087A (en) 1996-12-12 1999-06-22 Secure Computing Corporation Transparent security proxy for unreliable message exchange protocols
US6058457A (en) 1997-06-23 2000-05-02 Sun Microsystems, Inc. Method for storing method frames in multiple stacks
JP2001504969A (en) 1997-08-18 2001-04-10 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Data processor for stack
US6160808A (en) 1997-12-18 2000-12-12 3Com Corporation Technique for transmitting incoming multi-link point-to-point (PPP) packet traffic over multiple outgoing links in a multi-link bundle
US6321336B1 (en) 1998-03-13 2001-11-20 Secure Computing Corporation System and method for redirecting network traffic to provide secure communication
US6167504A (en) 1998-07-24 2000-12-26 Sun Microsystems, Inc. Method, apparatus and computer program product for processing stack related exception traps
US6490289B1 (en) 1998-11-03 2002-12-03 Cisco Technology, Inc. Multiple network connections from a single PPP link with network address translation
US6381646B2 (en) 1998-11-03 2002-04-30 Cisco Technology, Inc. Multiple network connections from a single PPP link with partial network address translation
US6618764B1 (en) 1999-06-25 2003-09-09 Koninklijke Philips Electronics N.V. Method for enabling interaction between two home networks of different software architectures
JP3552627B2 (en) * 2000-02-04 2004-08-11 インターナショナル・ビジネス・マシーンズ・コーポレーション Stack protection system, computer system, compiler, stack protection method, and storage medium
US6442661B1 (en) 2000-02-29 2002-08-27 Quantum Corporation Self-tuning memory management for computer systems
US6578094B1 (en) * 2000-03-02 2003-06-10 International Business Machines Corporation Method for preventing buffer overflow attacks
US7386886B1 (en) * 2000-11-08 2008-06-10 International Business Machines Corporation System and method for prevention of buffer overflow intrusions
US7284274B1 (en) * 2001-01-18 2007-10-16 Cigital, Inc. System and method for identifying and eliminating vulnerabilities in computer software applications
US20020144141A1 (en) * 2001-03-31 2002-10-03 Edwards James W. Countering buffer overrun security vulnerabilities in a CPU
US7752459B2 (en) * 2001-12-06 2010-07-06 Novell, Inc. Pointguard: method and system for protecting programs against pointer corruption attacks
CA2372034A1 (en) * 2002-02-14 2003-08-14 Cloakware Corporation Foiling buffer-overflow and alien-code attacks by encoding
US20030204745A1 (en) * 2002-04-29 2003-10-30 International Business Machines Corporation Method and system for protecting a processing system from a buffer overflow attack
US7086088B2 (en) * 2002-05-15 2006-08-01 Nokia, Inc. Preventing stack buffer overflow attacks
US6996677B2 (en) * 2002-11-25 2006-02-07 Nortel Networks Limited Method and apparatus for protecting memory stacks
US20040168078A1 (en) * 2002-12-04 2004-08-26 Brodley Carla E. Apparatus, system and method for protecting function return address
US7603704B2 (en) * 2002-12-19 2009-10-13 Massachusetts Institute Of Technology Secure execution of a computer program using a code cache

Also Published As

Publication number   Publication date
US7660985B2 (en)     2010-02-09
US20100095069A1 (en) 2010-04-15
US20040255146A1 (en) 2004-12-16
US8010788B2 (en)     2011-08-30
CA2465626C (en)      2010-09-21

Legal Events

Date   Code   Title                 Description
       EEER   Examination request
       MKLA   Lapsed