Data processing: software development – installation – and managem – Software program development tool – Testing or debugging
Reexamination Certificate
2004-03-01
2009-06-09
Zhen, Wei Y (Department: 2191)
Data processing: software development, installation, and managem
Software program development tool
Testing or debugging
C717S124000, C719S312000, C719S320000
Reexamination Certificate
active
07546587
ABSTRACT:
Run-time call stack verification is used to determine that a code module has been called by a legitimate caller. A return address on the stack indicates where execution is to return upon execution of the next return instruction, and this return address is indicative of where the code module was called from. The code module may determine that the call is allowed, or disallowed, based on the location of the return address. A calling convention is provided that allows the code module to be called through an intermediary, while also preserving the original return address that was in effect at the time the intermediary was called and also resisting modification to the call stack during the time that the original return address is being verified.
REFERENCES:
patent: 5410698 (1995-04-01), Danneels et al.
patent: 5592600 (1997-01-01), De Pauw et al.
patent: 5734904 (1998-03-01), Kanamori et al.
patent: 5794047 (1998-08-01), Meier
patent: 5802371 (1998-09-01), Meier
patent: 5892900 (1999-04-01), Ginter et al.
patent: 5946486 (1999-08-01), Pekowski
patent: 5948113 (1999-09-01), Johnson et al.
patent: 5970248 (1999-10-01), Meier
patent: 6003095 (1999-12-01), Pekowski et al.
patent: 6173421 (2001-01-01), Weaver Johnson et al.
patent: 6226618 (2001-05-01), Downs et al.
patent: 6240549 (2001-05-01), Hamada et al.
patent: 6442752 (2002-08-01), Jennings et al.
patent: 6513155 (2003-01-01), Alexander, III et al.
patent: 6662358 (2003-12-01), Berry et al.
patent: 6880149 (2005-04-01), Cronce
patent: 2002/0012432 (2002-01-01), England et al.
patent: 2002/0013772 (2002-01-01), Peinado
patent: 2002/0169974 (2002-11-01), McKune
patent: 2002/0188931 (2002-12-01), Ewart et al.
patent: 2003/0041267 (2003-02-01), Fee et al.
patent: 2003/0187801 (2003-10-01), Chase et al.
patent: 2003/0194092 (2003-10-01), Parks et al.
patent: 2003/0195855 (2003-10-01), Parks et al.
patent: 2003/0226007 (2003-12-01), Olson et al.
Nitta et al., “Security Verification of Programs with Stack Inspection,” 2001, ACM, p. 31-40.
Rabek et al., “Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code,” 2003, ACM, p. 76-82.
Brender Scott A.
Marr Michael David
Chen Qing
Microsoft Corporation
Woodcock & Washburn LLP
Zhen Wei Y
LandOfFree
Run-time call stack verification does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Run-time call stack verification, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Run-time call stack verification will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4094794