CN107895115A - 防止栈溢出的方法、装置及终端设备 - Google Patents
防止栈溢出的方法、装置及终端设备 Download PDFInfo
- Publication number
- CN107895115A CN107895115A CN201711262338.4A CN201711262338A CN107895115A CN 107895115 A CN107895115 A CN 107895115A CN 201711262338 A CN201711262338 A CN 201711262338A CN 107895115 A CN107895115 A CN 107895115A
- Authority
- CN
- China
- Prior art keywords
- variable
- program
- compiled
- compiler
- preset kind
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 230000004048 modification Effects 0.000 claims description 20
- 238000012986 modification Methods 0.000 claims description 20
- 238000004458 analytical method Methods 0.000 claims description 17
- 238000003860 storage Methods 0.000 claims description 4
- 230000007547 defect Effects 0.000 abstract description 10
- 230000000246 remedial effect Effects 0.000 abstract description 5
- 230000006870 function Effects 0.000 description 17
- 230000006854 communication Effects 0.000 description 9
- 238000004891 communication Methods 0.000 description 9
- 238000004590 computer program Methods 0.000 description 7
- 230000008859 change Effects 0.000 description 6
- 230000008569 process Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 238000001514 detection method Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 2
- 230000008878 coupling Effects 0.000 description 2
- 238000010168 coupling process Methods 0.000 description 2
- 238000005859 coupling reaction Methods 0.000 description 2
- 230000007812 deficiency Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000003672 processing method Methods 0.000 description 2
- 238000009825 accumulation Methods 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 238000009412 basement excavation Methods 0.000 description 1
- 230000007175 bidirectional communication Effects 0.000 description 1
- 238000004883 computer application Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Debugging And Monitoring (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711262338.4A CN107895115B (zh) | 2017-12-04 | 2017-12-04 | 防止栈溢出的方法、装置及终端设备 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711262338.4A CN107895115B (zh) | 2017-12-04 | 2017-12-04 | 防止栈溢出的方法、装置及终端设备 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107895115A true CN107895115A (zh) | 2018-04-10 |
CN107895115B CN107895115B (zh) | 2021-01-29 |
Family
ID=61806912
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711262338.4A Active CN107895115B (zh) | 2017-12-04 | 2017-12-04 | 防止栈溢出的方法、装置及终端设备 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107895115B (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112286684A (zh) * | 2020-10-29 | 2021-01-29 | 苏州浪潮智能科技有限公司 | 一种内存使用量控制方法、装置、设备及介质 |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101017458A (zh) * | 2007-03-02 | 2007-08-15 | 北京邮电大学 | 基于源代码静态分析的软件安全代码分析器及其检测方法 |
CN101241532A (zh) * | 2008-02-15 | 2008-08-13 | 北京邮电大学 | 面向源代码的基于不等式组求解的缓冲区溢出检测方法 |
US20130013965A1 (en) * | 2011-07-08 | 2013-01-10 | Stmicroelectronics (Rousset) Sas | Microprocessor protected against stack overflow |
CN104503793A (zh) * | 2014-12-24 | 2015-04-08 | 风腾科技(北京)有限公司 | 代码练习软件中代码的运行和图形化的解析方法 |
CN104657190A (zh) * | 2015-02-14 | 2015-05-27 | 南威软件股份有限公司 | 一种基于c语言家族的增强开关语句功能的方法 |
CN104714885A (zh) * | 2015-02-13 | 2015-06-17 | 小米科技有限责任公司 | 栈溢出位置的检测方法及装置 |
US20150347102A1 (en) * | 2014-05-30 | 2015-12-03 | Apple Inc. | Programming system and language for application development |
CN105809039A (zh) * | 2016-03-04 | 2016-07-27 | 南京大学 | 缓冲区溢出漏洞自动修复方法 |
-
2017
- 2017-12-04 CN CN201711262338.4A patent/CN107895115B/zh active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101017458A (zh) * | 2007-03-02 | 2007-08-15 | 北京邮电大学 | 基于源代码静态分析的软件安全代码分析器及其检测方法 |
CN101241532A (zh) * | 2008-02-15 | 2008-08-13 | 北京邮电大学 | 面向源代码的基于不等式组求解的缓冲区溢出检测方法 |
US20130013965A1 (en) * | 2011-07-08 | 2013-01-10 | Stmicroelectronics (Rousset) Sas | Microprocessor protected against stack overflow |
US20150347102A1 (en) * | 2014-05-30 | 2015-12-03 | Apple Inc. | Programming system and language for application development |
CN104503793A (zh) * | 2014-12-24 | 2015-04-08 | 风腾科技(北京)有限公司 | 代码练习软件中代码的运行和图形化的解析方法 |
CN104714885A (zh) * | 2015-02-13 | 2015-06-17 | 小米科技有限责任公司 | 栈溢出位置的检测方法及装置 |
CN104657190A (zh) * | 2015-02-14 | 2015-05-27 | 南威软件股份有限公司 | 一种基于c语言家族的增强开关语句功能的方法 |
CN105809039A (zh) * | 2016-03-04 | 2016-07-27 | 南京大学 | 缓冲区溢出漏洞自动修复方法 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112286684A (zh) * | 2020-10-29 | 2021-01-29 | 苏州浪潮智能科技有限公司 | 一种内存使用量控制方法、装置、设备及介质 |
CN112286684B (zh) * | 2020-10-29 | 2022-08-02 | 苏州浪潮智能科技有限公司 | 一种内存使用量控制方法、装置、设备及介质 |
Also Published As
Publication number | Publication date |
---|---|
CN107895115B (zh) | 2021-01-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8898776B2 (en) | Automatic context-sensitive sanitization | |
Lhee et al. | {Type-Assisted} Dynamic Buffer Overflow Detection | |
US9824214B2 (en) | High performance software vulnerabilities detection system and methods | |
EP2182460A2 (en) | Structural recognition of malicious code patterns | |
US20070271617A1 (en) | Vulnerability check program, vulnerability check apparatus, and vulnerability check method | |
CN111859375A (zh) | 漏洞检测方法、装置、电子设备及存储介质 | |
WO2009094384A2 (en) | A method and apparatus for constructing security policies for web content instrumentation against browser-based attacks | |
CN105678168A (zh) | 一种基于栈异常的shellcode检测方法及装置 | |
CN105573915A (zh) | 一种基于代码覆盖率的测试方法和装置 | |
EP3495978A1 (en) | Method for detecting vulnerabilities in software | |
CN103823873A (zh) | 一种浏览器设置项的读/写方法、装置和系统 | |
US11868465B2 (en) | Binary image stack cookie protection | |
US20070130620A1 (en) | Method, computer arrangement, computer program and computer program product for checking for the presence of control statements in a data value | |
CN107895115A (zh) | 防止栈溢出的方法、装置及终端设备 | |
Chahar et al. | Code analysis for software and system security using open source tools | |
US8484753B2 (en) | Hooking nonexported functions by the offset of the function | |
CN106411899A (zh) | 数据文件的安全检测方法及装置 | |
US9164869B2 (en) | Scalable and precise string analysis using index-sensitive static string abstractions | |
EP3975021A1 (en) | Method and system for data flow monitoring to identify application security vulnerabilities and to detect and prevent attacks | |
CN111752570A (zh) | 一种编译方法、装置、终端及计算机可读存储介质 | |
Schütte et al. | lios: Lifting ios apps for fun and profit | |
CN104462966B (zh) | Pdf中触发漏洞威胁的检测方法及装置 | |
CN104239800B (zh) | Pdf中触发漏洞威胁的检测方法及装置 | |
Saeed et al. | Tag-protector: an effective and dynamic detection of illegal memory accesses through compile time code instrumentation | |
CN116861376A (zh) | 一种跨平台的Java应用运行时安全保护方法及系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210721 Address after: 100080 room 401-3, 4th floor, building 1, yard 1, Danling street, Haidian District, Beijing Patentee after: Beijing Yuanxin Junsheng Technology Co.,Ltd. Address before: 100176 room 2222, building D, building 33, 99 Kechuang 14th Street, Beijing Economic and Technological Development Zone, Beijing Patentee before: BEIJING YUANXIN SCIENCE & TECHNOLOGY Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20180410 Assignee: Yuanxin Information Technology Group Co.,Ltd. Assignor: Beijing Yuanxin Junsheng Technology Co.,Ltd. Contract record no.: X2021110000024 Denomination of invention: Method, device and terminal device for preventing stack overflow Granted publication date: 20210129 License type: Common License Record date: 20210804 |
|
EE01 | Entry into force of recordation of patent licensing contract |