Heap buffer overflow exploitation prevention system and method
US7328323B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Mar 8, 2004 |
| Grant date | Feb 5, 2008 |
| Priority date | — |
| Expiry date | Mar 31, 2026 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/556
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method includes stalling a call to a heap allocation function originating from a request by an application for a block of heap buffer, predicting a block of the heap buffer to fulfill the request, and determining if a forward link (F-link) and a backward link (B-link) of the predicted block are addresses within a heap segment associated with the predicted block. If a determination is made that the F-link or the B-link point outside the associated heap segment, e.g., have been overwritten by a heap buffer overflow attack, corrective action is taken to correct the stray F-link or B-link. After the corrective action is taken, the heap allocation function call is released and the block of heap buffer is allocated. In this manner, a heap buffer overflow attack is defeated.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.