Patent · US Active

Using virtual table protections to prevent the exploitation of object corruption vulnerabilities

US8683583B2 · kind B2 · utility

7Cited by

4References

20Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Matthew Ryan Miller · Seattle, US
Kenneth D. Johnson · Seattle, US
Timothy William Burrell · Cheltenham, GB

Key dates

Filing date	Dec 2, 2010
Grant date	Mar 25, 2014
Priority date	—
Expiry date	Jun 15, 2032

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2143
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The subject disclosure is directed towards preventing the exploitation by malicious code of object state corruption vulnerabilities, such as use-after-free vulnerabilities. An object class is configured with a secret cookie in a virtual function table of the object, e.g., inserted at compile time. An instrumentation check inserted in the program code evaluates the secret cookie to determine whether the object state has been corrupted before object access (e.g., a call to one of the object's methods) is allowed. If corrupted, access to the object is prevented by the instrumentation check. Another instrumentation check may be used to determine whether the object's virtual table pointer points to a location outside of the module that contains the legitimate virtual function table; if so, object access is prevented.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.