Blocking routine redirection
US10181030B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 24, 2015 |
| Grant date | Jan 15, 2019 |
| Priority date | — |
| Expiry date | Oct 1, 2035 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2143
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Disclosed herein are methods, systems, and computer-readable media for blocking attempts at runtime redirection and attempts to change memory permissions during runtime. The present disclosure describes features that enable runtime detection of an attempt to redirect routines or change memory permissions, and determining whether to allow or deny the attempt. Such features may include changing memory write permissions on memory segments, such as those segments used by dynamic loaders after call associations have been saved or otherwise created. Other features may include swapping the addresses of system routines (e.g., open, read, write, close, etc.) to new routines that perform the same function as well as additional functionality configured to detect attempts to redirect or change memory permissions. Once detected by the new routine during runtime, a determination may be made to deny or allow the call based on a policy.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.