Buffer overflows remain the leading cause of software vulnerabilities in the world of information security. The proposed segment-based non-executable stack approach aims to prevent the injection and execution of arbitrary code in an existing process's stack space under Windows NT/2000 and Intel 32-bit CPUs. The application's user-mode stack is relocated to the higher address and the effective limit of the code segment excludes the relocated stack from the code segment. The segmentation logic of IA-32 processors monitors the accesses to the memory ranges and a page fault is generated if instruction fetches are initiated in the stack memory pages. It is highly effective in preventing both known and yet unknown stack smashing attacks.
展开▼
机译:缓冲区溢出仍然是信息安全世界软件漏洞的主要原因。所提出的基于段的非可执行堆栈方法旨在防止在Windows NT / 2000和英特尔32位CPU下的现有过程的堆栈空间中注入和执行任意代码。应用程序的用户模式堆栈被重新定位为较高的地址,并且代码段的有效限制排除了代码段的重新定位。 IA-32处理器的分割逻辑监视到存储器范围的访问,并且如果在堆栈存储页面中启动指令提取,则会生成页面错误。它在预防既有已知和未知的堆栈粉碎攻击是非常有效的。
展开▼