About: Shadow stack     Goto   Sponge   NotDistinct   Permalink

An Entity of Type : owl:Thing, within Data Space : dbpedia.org associated with source document(s)

In software, a shadow stack is a mechanism for maintaining control-flow integrity by mitigating return address overwrites such as those seen during exploitation of a stack buffer overflow. The technique is to first keep a record of the legitimate return address for some function call, and then to check that the return address is still correct before returning. This can be accomplished by adding additional instructions to function calls and function epilogues: on calls, store the legitimate return address (that is, the address of the instruction after the call), and on returns, check before actually returning. A stack buffer overflow would be adequate to overwrite the return address on the stack, but not the shadow stack's record of the return address. If the return address and the shadow r

AttributesValues
rdfs:label
  • Shadow stack
rdfs:comment
  • In software, a shadow stack is a mechanism for maintaining control-flow integrity by mitigating return address overwrites such as those seen during exploitation of a stack buffer overflow. The technique is to first keep a record of the legitimate return address for some function call, and then to check that the return address is still correct before returning. This can be accomplished by adding additional instructions to function calls and function epilogues: on calls, store the legitimate return address (that is, the address of the instruction after the call), and on returns, check before actually returning. A stack buffer overflow would be adequate to overwrite the return address on the stack, but not the shadow stack's record of the return address. If the return address and the shadow r
dct:subject
Wikipage page ID
Wikipage revision ID
Link from a Wikipage to another Wikipage
foaf:isPrimaryTopicOf
prov:wasDerivedFrom
has abstract
  • In software, a shadow stack is a mechanism for maintaining control-flow integrity by mitigating return address overwrites such as those seen during exploitation of a stack buffer overflow. The technique is to first keep a record of the legitimate return address for some function call, and then to check that the return address is still correct before returning. This can be accomplished by adding additional instructions to function calls and function epilogues: on calls, store the legitimate return address (that is, the address of the instruction after the call), and on returns, check before actually returning. A stack buffer overflow would be adequate to overwrite the return address on the stack, but not the shadow stack's record of the return address. If the return address and the shadow return address differ, the check inserted before the return instruction will fail; the usual action in such cases is to crash the program, and in some cases alert administrators to the possibility of an intrusion attempt. The technique can be implemented with hardware assistance, by a compiler, or at runtime.
is Link from a Wikipage to another Wikipage of
is foaf:primaryTopic of
Faceted Search & Find service v1.17_git39 as of Aug 09 2019


Alternative Linked Data Documents: PivotViewer | iSPARQL | ODE     Content Formats:       RDF       ODATA       Microdata      About   
This material is Open Knowledge   W3C Semantic Web Technology [RDF Data] Valid XHTML + RDFa
OpenLink Virtuoso version 07.20.3232 as of Aug 9 2019, on Linux (x86_64-generic-linux-glibc25), Single-Server Edition (61 GB total memory)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2019 OpenLink Software