Patent
1997-07-25
1999-09-07
Ellis, Richard L.
395670, G06F 1214
Patent
active
059499737
ABSTRACT:
A stack override prevention method provides protection against a computer attack that utilizes the technique of stack override to gain control of a computer system. The method of the protection is to permit the stack to be executable but to add functionality that blocks the possibility of passing control via stack override to code inserted into the stack by means of the exploit program. This method includes relocating the entire stack to a random memory location in memory and subsequently erasing the old stack area. By moving the entire stack associated with a process to a random location, the attacker cannot predict the address in which potentially all permitting code resides and thus cannot put the correct value in the location of the return address within the stack frame. The invention is applicable to operating systems which use the stack as means for passing control to and returning from functions and in which the stack is executable.
REFERENCES:
"Smashing the Stack for Fun and Profit", Markus Hubner, pp. 1-29 Nov. 8, 1996.
Forrest, Stephanie et al., Building Diverse Computer Systems, Proceedings of the 1997 6.sup.th Workshop on Hot Topics in Operating Systems, May 5, 1997.
Ellis Richard L.
Memco Software Ltd.
LandOfFree
Method of relocating the stack in a computer system for preventi does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method of relocating the stack in a computer system for preventi, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method of relocating the stack in a computer system for preventi will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1813249