CN104881610B - A kind of defence method for virtual table hijack attack - Google Patents
A kind of defence method for virtual table hijack attack Download PDFInfo
- Publication number
- CN104881610B CN104881610B CN201510333581.5A CN201510333581A CN104881610B CN 104881610 B CN104881610 B CN 104881610B CN 201510333581 A CN201510333581 A CN 201510333581A CN 104881610 B CN104881610 B CN 104881610B
- Authority
- CN
- China
- Prior art keywords
- virtual
- function
- virtual table
- pointer
- effective
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The present invention provides a kind of defence method for virtual table hijack attack, and it includes:Build effective virtual table set and effective Virtual Function set;Determine to need the Virtual Function in protected object and object in executable program, analysis obtains the call address for reading address and Virtual Function of Virtual Function data;Backup call back function is inserted in the running of executable program at the reading address of Virtual Function data, check callback function is inserted at the call address of Virtual Function;The virtual table of virtual table pointer and its sensing is backed up;Verified according to the virtual table of the virtual table pointer of backup and its sensing, and according to check results carry out Virtual Function execution whether.The present invention is based on binary rewrite technology, it is not necessary to which source code can complete deployment;And can be effectively in guard process important object, do not influenceed by virtual table hijack attack;And the overhead that is brought of the present invention is also within tolerance interval.
Description
Technical field
The invention belongs to effective defense technique field that application program internal memory destroys leak, more particularly to one kind is for empty letter
The defence method of number table hijack attack.
Background technology
Internal memory destruction leak (memory corruption bugs) is widely present in using low-level languages such as C/C++
Program in, after stack overflow, heap overflow, release reuse etc. leak belong to internal memory destruction leak.Attacker utilizes such leak,
Data, code, reprogramming behavior or even the controlling stream for kidnapping program in application program internal memory can be controlled.
There are following two processing modes in the prior art:
VTGuard:VTGuard is a virtual table protection technique being deployed in IE browser.Its basic thought is:
The cookie of a secret is inserted in each virtual table, and is checked when Virtual Function is called, in current table
Whether cookie is consistent with corresponding cookie, can forbid this time calling if inconsistent.The program can effectively reduce void
Function table replay attack, but it is invalid to virtual table destruction and virtual table injection attacks.
SafeDispatch:SafeDispatch is the virtual table hijack attack defense schemes based on compiler, and it is first
First the class relation to whole program is analyzed, and is inferred in program effective virtual table set and Virtual Function set;Then
Safety check is carried out when Virtual Function is called, current Virtual Function and virtual table are checked whether in efficient set, if not existing
Then forbid this time calling.For the inspection of Virtual Function, 7% overhead will be brought;For the inspection of virtual table, it will bring
30% overhead, and it is invalid to virtual table destruction attack.
DieHard:DieHard provide customized memory allocator, carry out Memory Allocation when realize randomization and
Isolation.The technical scheme is effective to virtual table hijack attack to a certain extent, but exists uncertain.
But in such scheme, there is following defect:Validity:The equal nothing of VTGuard, SafeDispatch, DIeHard
Method ensures effectively to protect all types of virtual table hijack attacks;Binary compatible:VTGuard、
SafeDispatch and DieHard not binary compatible, that is, need source code.And protection of goal program is obtained in practice
Source code be extremely difficult;Overhead:The overhead (7% and 30%) that SafeDispatch is brought makes it difficult to should
For in practice.
The content of the invention
To solve the above problems, the present invention provides a kind of defence method for virtual table hijack attack.Base of the present invention
In binary rewrite technology, it is not necessary to which source code can complete deployment;And can be effectively in guard process important object, not by void
The influence of function table hijack attack;And the overhead that is brought of the present invention is also within tolerance interval.
The defence method for virtual table hijack attack of the present invention, it includes:
Step 1: building effective virtual table set and effective Virtual Function set;Effective virtual table set is used to store
Virtual table pointer, virtual table pointer points to virtual table;Effective Virtual Function set is used to store virtual table, virtual table
For storing Virtual Function pointer, Virtual Function pointer points to Virtual Function;
Step 2: determine in executable program may by virtual table hijack attack, need protected object and right
Virtual Function as in, analysis obtains the call address for reading address and Virtual Function of Virtual Function data;Wherein, Virtual Function packet
Include:Virtual table pointer and virtual table;The different Virtual Function data of same object use identical reading address, and Virtual Function
Virtual table pointer and virtual table in data use identical reading address;
Step 3: in the running of executable program, mode is inserted using binary, in Virtual Function data
Read and backup call back function is inserted at address, check callback function is inserted at the call address of Virtual Function;
Step 4: when the corresponding backup call back function of the Virtual Function data that executable program goes to some object X,
In the backup call back function, the virtual table of object X virtual table pointer and its sensing is backed up, wherein virtual table
Pointer backup is into effective virtual table set, and virtual table is backuped in effective Virtual Function set;
Step 5: when executable program goes to the corresponding check callback function of some Virtual Function, letter is adjusted back in verification
In number, whether the virtual table pointer Y of the virtual table where the called Virtual Function of inspection is in effective virtual table set;
If virtual table pointer Y is not in effective virtual table set, verification failure, refusal call Virtual Function, exist side by side
Terminate the executable program;
If virtual table pointer Y is in effective virtual table set, according to effective virtual table set of backup and have
Virtual Function set is imitated, the virtual table Z of virtual table pointer Y sensings is found;Judge called Virtual Function pointer whether in void
In function table Z, if being verified if successfully, operation executable program calls Virtual Function, and otherwise verification failure, refusal call empty letter
Number, and terminate the executable program.
Further, the access attribute of the page where Backup Data is revised as after being backed up in step 4 read-only.
Beneficial effect:
The present invention inserts code in object-instantiated to virtual table pointer and Virtual Function by binary system Program instrumentation
Table is backed up;When the Virtual Function of object is called, according to current virtual table pointer and Virtual Function pointer with it is original be worth into
Row compares to judge whether to be called.In this way, the present invention is carried out in binary layer in face of virtual table
Protection, effectively protects object not influenceed by virtual table hijack attack.
Brief description of the drawings
Fig. 1 (a) is the defence method schematic diagram for virtual table hijack attack of the invention;
Fig. 1 (b) is Backup Data schematic diagram of the invention;
Fig. 1 (c) is checking procedure flow chart of the invention;
Fig. 2 is the code schematic diagram that executable program calls Virtual Function;
The class formation that Fig. 3 (a) is object d in embodiments of the invention;
The virtual table memory mapping that Fig. 3 (b) is object d in embodiments of the invention.
Embodiment
There are multiple objects in PE files, the virtual table of which part object is vulnerable to the attack of attacker, captures program
Controlling stream, perform dangerous code, influence system safety.
Shown in technical solution of the present invention such as Fig. 1 (a).First, preanalysis is carried out to PE files to be protected, obtains needing to protect
At the generation for the virtual table for protecting object and Virtual Function calls place;Next, at generation and the Virtual Function place of calling is inserted
Dress, adds the protection to target program.In order to be inserted to target program, it is necessary to be obtained by preanalysis:1. virtual table
Position is generated, data backup is carried out to carry out inserting;2. Virtual Function calling station, to do safety when carrying out and being inserted into and call
Checking.There are a variety of analysis methods for binary file to realize this target at present, including automatically analyze platform, static state
Analysis, dynamic analysis etc..
The defence method for virtual table hijack attack of the present invention, it includes:
Step 1: building effective virtual table set and effective Virtual Function set;Effective virtual table set is used to store
Virtual table pointer, virtual table pointer points to virtual table;Effective Virtual Function set is used to store virtual table, virtual table
For storing Virtual Function pointer, Virtual Function pointer points to Virtual Function.
Step 2: determine in executable program may by virtual table hijack attack, need protected object and right
Virtual Function as in, analysis obtains the call address for reading address and Virtual Function of Virtual Function data;Wherein, Virtual Function packet
Include:Virtual table pointer and virtual table;The different Virtual Function data of same object use identical reading address, and Virtual Function
Virtual table pointer and virtual table in data use identical reading address;
Wherein obtain Virtual Function call address mode be:
Attack code is obtained by network, modification attack code is to Virtual Function pointer or the asignment statement of virtual table pointer
Sentence, when executable program calls Virtual Function and the Virtual Function is being attacked by amended attack code, executable program reports an error,
IA when then executable program reports an error performed by executable program is the calling station of Virtual Function.
The mode of reading address for obtaining Virtual Function data is:
Code when Virtual Function is called is analyzed in executable program, the data flow of the affiliated object of the Virtual Function is followed the trail of with true
Determine the reading position of the Virtual Function data of object.
Step 3: in the running of executable program, mode is inserted using binary, in Virtual Function data
Read and backup call back function is inserted at address, check callback function is inserted at the call address of Virtual Function.
Step 4: when the corresponding backup call back function of the Virtual Function data that executable program goes to some object X,
In the backup call back function, the virtual table of object X virtual table pointer and its sensing is backed up, wherein virtual table
Pointer backup is into effective virtual table set, and virtual table is backuped in effective Virtual Function set.
Step 5: when executable program goes to the corresponding check callback function of some Virtual Function, letter is adjusted back in verification
In number, whether the virtual table pointer Y of the virtual table where the called Virtual Function of inspection is in effective virtual table set;
If virtual table pointer Y is not in effective virtual table set, verification failure, refusal call Virtual Function, exist side by side
Terminate the executable program;
If virtual table pointer Y is in effective virtual table set, according to effective virtual table set of backup and have
Virtual Function set is imitated, the virtual table Z of virtual table pointer Y sensings is found;Judge called Virtual Function pointer whether in void
In function table Z, if being verified if successfully, operation executable program calls Virtual Function, and otherwise verification failure, refusal call empty letter
Number, and terminate the executable program.
Further, the access attribute of the page where Backup Data is revised as after being backed up in step 4 read-only.
Give to (Intel grammers) after certain program decompiling that what is obtained call the process of Virtual Function in Fig. 2.In a program
Virtual Function is called to include three steps:The first step calls the object address of the Virtual Function to obtain, and then obtains at the object first address
The virtual table address (initial address of the virtual table in internal memory) stored, is finally called according to call instruction
Offset of the Virtual Function in virtual table, gone to call the Virtual Function according to the offset.Wherein, if the object has empty letter
Number table, the then front end that its virtual table is exclusively enjoyed positioned at this.Wherein deposited in eax registers for object first address, ecx registers
For virtual table pointer, its value is the address of virtual table.From invoked procedure as can be seen that no matter virtual table pointer is tampered
(virtual table injection/replay attack) or virtual table (virtual table destruction attack) are tampered, and will all cause programme-control
Stream integrality is destroyed.
It is now assumed that being learnt by the preanalysis stage, certain object is after the distribution of virtual table is completed by virtual table address
In (Virtual Function pointer) deposit eax registers, code position now is set_address;In call_address1 ...
.call_addres10 place is called in the presence of the Virtual Function of the object, and call instruction is cal [ecx+14c], call [ecx+20c]
Deng.
Inserted at set_address addresses.The virtual table pointer stored in back-up registers eax, and successively
The called Virtual Function pointer of backup.Called Virtual Function pointer can obtain it in virtual table by call instruction
Position, such as call [ecx+14c], then mean in virtual table offset be the Virtual Function that 14c locates be called, it is necessary to
Backed up.By the called Virtual Function pointer of all backups, referred to as effective virtual table set.Virtual table pointer and void
Function pointer is backed up in the page newly applied, after the completion of backup operation, the attribute of current page is set into read-only.
Efficiency analysis:The present invention can be verified when Virtual Function is called to virtual table pointer, therefore, it is possible to effective
Defend virtual table replay attack and virtual table injection attacks;And the backup of the Virtual Function pointer to calling then ensure that program
Do not influenceed by virtual table destruction attack.Meanwhile, the present invention is by data backup in the read-only page of internal memory.Determine in the present invention
Under the threat modeling of justice, although Backup Data has been arrived in attacker's scanning, it can not also be distorted.
Above-mentioned virtual table (virtual table, referred to as empty table or vtable):C++ Dynamic polymorphism is by Virtual Function
(Vitrual Function) is realized.Each class containing Virtual Function has each single item in a virtual table, table to be one
The address of individual Virtual Function, virtual table solves the problem of succession, covering.
Virtual table hijack attack (vtable hijacking attack) refers to by distorting virtual table or virtual table
Pointer (points to the pointer of virtual table, its value is virtual table initial address), and reaches and kidnap the one of program control flow purpose
Class is attacked.
For by guard process, present invention assumes that:It is PE formatted files by guard process;Binary file does not carry out generation
Code is obscured;Program is generated by the main flow such as gcc, visual C++ compiler.
Object virtual table memory mapping:When using parent one subclass of pointer operation when, virtual table just as
One map, specifies the function that should actually call.By the function pointer in traversal list, corresponding empty letter just can be called
Number.Fig. 3 (a) illustrates object d class formation, and Fig. 3 (b) describes object d virtual table memory mapping, can from figure
Go out, each parent has the empty table of oneself, the Virtual Function of subclass has been placed to the empty table of first parent (to state that order is determined)
In;The Virtual Function covered by subclass is placed on the position of empty table Central Plains parent Virtual Function, and the function being not covered with is constant;Such as Fig. 3
(b), the virtual table pointer of object is located at position forward in object memory mapping;State f in Fig. 3 (a) in Base1 successively
(), g (), three Virtual Functions of h (), Virtual Function is according to its statement order it can be seen from the virtual table of Base1 in Fig. 3 (b)
It is put in table;Fig. 3 (a) Derive class class figures, such is the Virtual Function f () that multiple inheritance and subclass cover parent;
(b) Derive class objects d memory mapping, virtual table pointer is located at position forward in object instance, and it points to the object
Each virtual table, the position of the f () in parent virtual table has been replaced by the function pointer of subclass.
The major way of virtual table hijack attack includes:
1. virtual table destroys (vtable corruption):The Virtual Function stored in attacker's covering virtual table refers to
Pin reaches attack purpose.
2. virtual table injects (vtable injection):Attacker covers virtual table pointer, makes the pointer point to
The virtual table constructed by attacker.This mode is reliable and efficient, is the attack method that attacker is commonly used.
3. virtual table reuses (vtable reuse):Attacker covers virtual table pointer, makes the pointer point to internal memory
In already present virtual table.Such a mode utilizes difficulty height and and unstable, the appearance not in actual attack at present
Binary system inserting refers to modify in face of program in binary layer, by increase, deletion, modification code, reaches
Increase the purposes such as function, monitoring program operation.
Present invention assumes that attacker meets following condition:
1. attacker can read full internal memory, so that attacker can carry out information leakage attack (information
Leakage attacks), and bypass ASLR (Adress space layout randomization, by heap, stack
The randomization being laid out Deng linear zone, increase attacker predicts the difficulty of destination address, prevents the direct seat offence code of attacker
The mean of defense of position) etc. defense mechanism;
2. attacker can carry out write operation in all writeable pages, so that attacker being capable of Modification growth function return ground
The significant datas such as location, virtual table pointer, reach that reprogramming performs the purpose of stream;
3. attacker can not directly read, write register;
Above-mentioned hypothesis is strict enough, meets condition when being attacked in real world using internal memory destruction leak;
Meanwhile, leak is destroyed using internal memory, attacker can also realize above-mentioned condition.
Certainly, the present invention can also have other various embodiments, ripe in the case of without departing substantially from spirit of the invention and its essence
Various corresponding changes and deformation, but these corresponding changes and change ought can be made according to the present invention by knowing those skilled in the art
Shape should all belong to the protection domain of appended claims of the invention.
Claims (2)
1. a kind of defence method for virtual table hijack attack, it is characterised in that including:
Step 1: building effective virtual table set and effective Virtual Function set;Effective virtual table set is used to store empty letter
Number list index, virtual table pointer points to virtual table;Effective Virtual Function set is used to store virtual table, and virtual table is used for
Virtual Function pointer is stored, Virtual Function pointer points to Virtual Function;
Step 2: may be by virtual table hijack attack, the protected object of needs and object in determination executable program
Virtual Function, analysis obtains the call address for reading address and Virtual Function of Virtual Function data;Wherein, Virtual Function data include:
Virtual table pointer and virtual table;
Step 3: in the running of executable program, mode is inserted using binary, in the reading of Virtual Function data
Backup call back function is inserted at address, check callback function is inserted at the call address of Virtual Function;
Step 4: when the corresponding backup call back function of the Virtual Function data that executable program goes to some object X, it is standby at this
In part call back function, the virtual table of object X virtual table pointer and its sensing is backed up, wherein virtual table pointer
Backup in effective virtual table set, virtual table is backuped in effective Virtual Function set;
Step 5: when executable program goes to the corresponding check callback function of some Virtual Function, in check callback function,
Whether the virtual table pointer Y of the virtual table where the called Virtual Function of inspection is in effective virtual table set;
If virtual table pointer Y is not in effective virtual table set, Virtual Function is called in verification failure, refusal, and immediately eventually
The only executable program;
It is according to effective virtual table set of backup and effectively empty if virtual table pointer Y is in effective virtual table set
Function set, finds the virtual table Z of virtual table pointer Y sensings;Judge called Virtual Function pointer whether in Virtual Function
In table Z, if being verified if successfully, operation executable program calls Virtual Function, and otherwise verification failure, refusal call Virtual Function, and
Terminate the executable program.
2. the defence method of virtual table hijack attack is directed to as claimed in claim 1, it is characterised in that backed up in step 4
The access attribute of the page where Backup Data is revised as afterwards read-only.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510333581.5A CN104881610B (en) | 2015-06-16 | 2015-06-16 | A kind of defence method for virtual table hijack attack |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510333581.5A CN104881610B (en) | 2015-06-16 | 2015-06-16 | A kind of defence method for virtual table hijack attack |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104881610A CN104881610A (en) | 2015-09-02 |
CN104881610B true CN104881610B (en) | 2017-09-29 |
Family
ID=53949100
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510333581.5A Active CN104881610B (en) | 2015-06-16 | 2015-06-16 | A kind of defence method for virtual table hijack attack |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104881610B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105808251B (en) * | 2016-03-03 | 2021-02-02 | 武汉斗鱼网络科技有限公司 | Virtual function table hijacking bypass security detection method and system |
CN105868641A (en) * | 2016-04-01 | 2016-08-17 | 北京理工大学 | Defending method based on virtual function table hijacking |
CN106021110B (en) * | 2016-05-24 | 2019-03-26 | 南京大学 | Code huge profit attack detection method based on virtual table inheritance |
CN107368742B (en) * | 2017-08-16 | 2022-10-18 | 南京大学 | Fine-grained virtual function table hijacking attack defense method based on GCC |
CN110187988B (en) * | 2019-06-06 | 2021-08-13 | 中国科学技术大学 | Static function call graph construction method suitable for virtual function and function pointer |
CN111859372B (en) * | 2020-07-29 | 2023-08-22 | 中国工商银行股份有限公司 | Heap memory attack detection method and device and electronic equipment |
CN112581582B (en) * | 2020-12-24 | 2024-08-16 | 西安翔腾微电子科技有限公司 | TLM device of GPU (graphics processing unit) rasterization module based on SysML (graphics processing unit) view and operation method |
CN114741131B (en) * | 2022-04-02 | 2023-08-15 | 深圳软牛科技有限公司 | Hiding method, device, equipment and storage medium for dynamic library derived symbol |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7426718B2 (en) * | 2005-03-21 | 2008-09-16 | Microsoft Corporation | Overriding constructors to provide notification in order to detect foreign code |
CN103714292A (en) * | 2014-01-15 | 2014-04-09 | 四川师范大学 | Method for detecting exploit codes |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100205674A1 (en) * | 2009-02-11 | 2010-08-12 | Microsoft Corporation | Monitoring System for Heap Spraying Attacks |
US8683583B2 (en) * | 2010-12-02 | 2014-03-25 | Microsoft Corporation | Using virtual table protections to prevent the exploitation of object corruption vulnerabilities |
-
2015
- 2015-06-16 CN CN201510333581.5A patent/CN104881610B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7426718B2 (en) * | 2005-03-21 | 2008-09-16 | Microsoft Corporation | Overriding constructors to provide notification in order to detect foreign code |
CN103714292A (en) * | 2014-01-15 | 2014-04-09 | 四川师范大学 | Method for detecting exploit codes |
Also Published As
Publication number | Publication date |
---|---|
CN104881610A (en) | 2015-09-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104881610B (en) | A kind of defence method for virtual table hijack attack | |
US10990667B2 (en) | Systems and/or methods for automatically protecting against memory corruption vulnerabilities | |
EP3779745B1 (en) | Code pointer authentication for hardware flow control | |
EP3069254B1 (en) | Improved control flow integrity system and method | |
CN106991324A (en) | It is a kind of that the malicious code Tracking Recognition method that type is monitored is protected based on internal memory | |
US8037529B1 (en) | Buffer overflow vulnerability detection and patch generation system and method | |
KR101995285B1 (en) | Method and apparatur for patching security vulnerable executable binaries | |
CN104598823A (en) | Kernel level rootkit detection method and system in Andriod system | |
CN105512548B (en) | Based on hiding executable mirror image and inject the method for dll protection code images | |
CN105653905A (en) | Software protection method based on API (Application Program Interface) security attribute hiding and attack threat monitoring | |
CN105653980B (en) | A kind of guard method and its system of virtual memory data | |
CN108920253B (en) | Agent-free virtual machine monitoring system and monitoring method | |
CN101866406A (en) | Stack overflow attack defense method | |
CN106991328A (en) | A kind of vulnerability exploit detection recognition method based on Dram fingerprint anomaly analysis | |
CN105653906A (en) | Anti-kernel-hook method based on address randomization | |
CN105868641A (en) | Defending method based on virtual function table hijacking | |
US20220258955A1 (en) | Non-disruptive mitigation of malware attacks | |
Ismail et al. | Tightly Seal Your Sensitive Pointers with {PACTight} | |
CN105956425B (en) | A kind of Android application guard methods based on smali Code obfuscations | |
CN102831334A (en) | Positioning method and positioning system for target address | |
CN106096407A (en) | The defence method that a kind of code reuse is attacked | |
Abrath et al. | Obfuscating windows dlls | |
CN112883374B (en) | General Android platform application program shelling method and system based on ART environment | |
Mustafa et al. | Persistent Memory Security Threats to Interprocess Isolation | |
CN104036192B (en) | Method and device for obtaining scheduling table original data of computer programs |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
EXSB | Decision made by sipo to initiate substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |