CN101286191A - 一种缓冲区溢出攻击的防护方法、装置及系统 - Google Patents
一种缓冲区溢出攻击的防护方法、装置及系统 Download PDFInfo
- Publication number
- CN101286191A CN101286191A CNA200810028213XA CN200810028213A CN101286191A CN 101286191 A CN101286191 A CN 101286191A CN A200810028213X A CNA200810028213X A CN A200810028213XA CN 200810028213 A CN200810028213 A CN 200810028213A CN 101286191 A CN101286191 A CN 101286191A
- Authority
- CN
- China
- Prior art keywords
- randomization
- function
- pointer
- memory allocation
- dll
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 230000006870 function Effects 0.000 claims abstract description 139
- 230000008569 process Effects 0.000 claims description 30
- 230000001681 protective effect Effects 0.000 claims description 22
- 230000004048 modification Effects 0.000 claims description 8
- 238000012986 modification Methods 0.000 claims description 8
- 238000005192 partition Methods 0.000 claims description 7
- 238000011112 process operation Methods 0.000 claims description 4
- 230000000694 effects Effects 0.000 abstract description 7
- 230000003068 static effect Effects 0.000 description 16
- 230000003139 buffering effect Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 4
- 239000007943 implant Substances 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000008672 reprogramming Effects 0.000 description 2
- 239000008186 active pharmaceutical agent Substances 0.000 description 1
- 238000012163 sequencing technique Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (18)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200810028213XA CN101286191B (zh) | 2008-05-21 | 2008-05-21 | 一种缓冲区溢出攻击的防护方法、装置及系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200810028213XA CN101286191B (zh) | 2008-05-21 | 2008-05-21 | 一种缓冲区溢出攻击的防护方法、装置及系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101286191A true CN101286191A (zh) | 2008-10-15 |
CN101286191B CN101286191B (zh) | 2011-01-12 |
Family
ID=40058392
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200810028213XA Expired - Fee Related CN101286191B (zh) | 2008-05-21 | 2008-05-21 | 一种缓冲区溢出攻击的防护方法、装置及系统 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101286191B (zh) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105279429A (zh) * | 2015-11-24 | 2016-01-27 | 无锡江南计算技术研究所 | 一种got表写保护的保护方法 |
CN105653906A (zh) * | 2015-12-28 | 2016-06-08 | 中国人民解放军信息工程大学 | 基于地址随机的反内核挂钩方法 |
CN105740697A (zh) * | 2016-01-26 | 2016-07-06 | 国家信息技术安全研究中心 | 一种xp中地址空间布局随机化方法及装置 |
CN106407754A (zh) * | 2015-07-30 | 2017-02-15 | 中兴通讯股份有限公司 | 一种生成随机布局程序的方法及装置 |
CN106856470A (zh) * | 2015-12-09 | 2017-06-16 | 中国电信股份有限公司 | 用于防范网络攻击的方法以及装置 |
CN110472411A (zh) * | 2019-08-20 | 2019-11-19 | 杭州和利时自动化有限公司 | 一种内存溢出处理方法、装置、设备及可读存储介质 |
GB2579070A (en) * | 2018-11-19 | 2020-06-10 | Secure Micro Ltd | Computer implemented method |
US11836246B2 (en) | 2018-11-19 | 2023-12-05 | Secure Micro Ltd | Computer implemented method |
-
2008
- 2008-05-21 CN CN200810028213XA patent/CN101286191B/zh not_active Expired - Fee Related
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106407754A (zh) * | 2015-07-30 | 2017-02-15 | 中兴通讯股份有限公司 | 一种生成随机布局程序的方法及装置 |
CN105279429A (zh) * | 2015-11-24 | 2016-01-27 | 无锡江南计算技术研究所 | 一种got表写保护的保护方法 |
CN105279429B (zh) * | 2015-11-24 | 2018-01-19 | 无锡江南计算技术研究所 | 一种got表写保护的保护方法 |
CN106856470A (zh) * | 2015-12-09 | 2017-06-16 | 中国电信股份有限公司 | 用于防范网络攻击的方法以及装置 |
CN105653906A (zh) * | 2015-12-28 | 2016-06-08 | 中国人民解放军信息工程大学 | 基于地址随机的反内核挂钩方法 |
CN105653906B (zh) * | 2015-12-28 | 2018-03-27 | 中国人民解放军信息工程大学 | 基于地址随机的反内核挂钩方法 |
CN105740697A (zh) * | 2016-01-26 | 2016-07-06 | 国家信息技术安全研究中心 | 一种xp中地址空间布局随机化方法及装置 |
CN105740697B (zh) * | 2016-01-26 | 2018-08-31 | 国家信息技术安全研究中心 | 一种xp中地址空间布局随机化方法及装置 |
GB2579070A (en) * | 2018-11-19 | 2020-06-10 | Secure Micro Ltd | Computer implemented method |
GB2579070B (en) * | 2018-11-19 | 2023-04-05 | Secure Micro Ltd | Computer implemented method |
US11836246B2 (en) | 2018-11-19 | 2023-12-05 | Secure Micro Ltd | Computer implemented method |
CN110472411A (zh) * | 2019-08-20 | 2019-11-19 | 杭州和利时自动化有限公司 | 一种内存溢出处理方法、装置、设备及可读存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN101286191B (zh) | 2011-01-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101286191B (zh) | 一种缓冲区溢出攻击的防护方法、装置及系统 | |
JP5655677B2 (ja) | ハイパーバイザ置き換え方法および情報処理装置 | |
US10902112B2 (en) | System including a hypervisor | |
EP2891060B1 (en) | Layout and execution of software applications using bpram | |
US9703957B2 (en) | Atomic detection and repair of kernel memory | |
EP1467282B1 (en) | Operating systems | |
JP2008510238A (ja) | オペレーティングシステム | |
EP2891059B1 (en) | Layout and execution of operating systems using bpram | |
EP1830257A2 (en) | Input/output control apparatus, input/output control system, and input/output control method | |
JP6615726B2 (ja) | 情報処理装置、情報処理方法及びプログラム | |
KR20070005917A (ko) | 운영체제 | |
US9158562B2 (en) | Method and apparatus for supporting virtualization of loadable module | |
JP2010113488A (ja) | オペレーティングシステムおよび情報処理装置 | |
IL256164A (en) | Tracking data access in guaranteed mode | |
CN1584840A (zh) | 存储器管理系统以及在多任务系统中的任务控制器 | |
JP2011060225A (ja) | オペレーティングシステム起動方法 | |
CN101615129B (zh) | 应用于分布式系统中的升级方法及版本管理客户端 | |
KR20070003765A (ko) | 운영체제 | |
JP2009009232A (ja) | コンピュータとカーネル保護方法並びにコンピュータソフトウエア | |
Nakajima et al. | Temporal and spatial isolation in a virtualization layer for multi-core processor based information appliances | |
US8650579B1 (en) | Containment for computer-software update installation processes | |
KR20060023956A (ko) | 운영체제 | |
US11256631B1 (en) | Enhanced security via dynamic regions for memory protection units (MPUs) | |
JP2003216449A (ja) | パッチ処理システム | |
JP2006048186A (ja) | 動的コンパイラの生成コードを保護する言語処理系 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
ASS | Succession or assignment of patent right |
Owner name: CHENGDU CITY HUAWEI SAIMENTEKE SCIENCE CO., LTD. Free format text: FORMER OWNER: HUAWEI TECHNOLOGY CO., LTD. Effective date: 20090508 |
|
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20090508 Address after: Qingshui River District, Chengdu high tech Zone, Sichuan Province, China: 611731 Applicant after: Chengdu Huawei Symantec Technologies Co., Ltd. Address before: Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Province, China: 518129 Applicant before: Huawei Technologies Co., Ltd. |
|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C56 | Change in the name or address of the patentee |
Owner name: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD. Free format text: FORMER NAME: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD. |
|
CP01 | Change in the name or title of a patent holder |
Address after: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee after: Huawei Symantec Technologies Co., Ltd. Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee before: Chengdu Huawei Symantec Technologies Co., Ltd. |
|
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110112 Termination date: 20180521 |