Sciweavers

ACSAC
2009
IEEE

FPValidator: Validating Type Equivalence of Function Pointers on the Fly

14 years 6 months ago
FPValidator: Validating Type Equivalence of Function Pointers on the Fly
—Validating function pointers dynamically is very useful for intrusion detection since many runtime attacks exploit function pointer vulnerabilities. Most current solutions tackle this problem through checking whether function pointers target the addresses within the code segment or, more strictly, valid function entries. However, they cannot detect function entry attacks that manipulate function pointers to target valid function entries but invoke them maliciously. This paper proposes FPValidator, a new solution capable of dynamically validating the type equivalence between function pointers and target functions, which can detect all function entry attacks that violate type equivalence. An effective and efficient type matching approach based on labeled type signature is proposed to perform fast type equivalence checking. The validation code and necessary type information are inserted by a compilation-stage instrumentation mechanism, bringing no extra burden to developers. We integr...
Hua Wang, Yao Guo, Xiangqun Chen
Added 18 May 2010
Updated 18 May 2010
Type Conference
Year 2009
Where ACSAC
Authors Hua Wang, Yao Guo, Xiangqun Chen
Comments (0)