vbrandl/WIS-SEC-BOF
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Content and structure

Browse Source
This commit is contained in:
Valentin Brandl 2019-10-28 12:41:43 +01:00
parent 2a030f2f93
commit 133d7badd9
No known key found for this signature in database
GPG Key ID: 30D341DD34118D7D
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
work/01paper.pdf
View File

Binary file not shown.

10
work/01paper.tex
View File

@ -77,6 +77,8 @@ vulnerabilities or at least application crashes.
\subsection{Background}\label{ref:background} \subsection{Background}\label{ref:background}
\subsubsection{Technical Details}
Exploitation of buffer overflow vulnerabilities almost always works by Exploitation of buffer overflow vulnerabilities almost always works by
overriding the return address in the current stack frame, so when the `ret` overriding the return address in the current stack frame, so when the `ret`
instruction is executed, an attacker controlled address is moved into the instruction is executed, an attacker controlled address is moved into the
@ -86,6 +88,8 @@ that, if a linked function is called, an attacker controlled function is called
instead, or (in C++) overriding the vtable where the pointers to an object's instead, or (in C++) overriding the vtable where the pointers to an object's
methods are stored. methods are stored.
\subsubsection{Implications}
\subsection{Concept and Methods}\label{ref:concept} \subsection{Concept and Methods}\label{ref:concept}
\subsubsection{Runtime Bounds Checks} \subsubsection{Runtime Bounds Checks}
@ -153,9 +157,13 @@ circumvent the w\^{}x protection.
\subsubsection{Ineffective or Inefficient} \subsubsection{Ineffective or Inefficient}
Methods that have been shown to be ineffective (e.g. can be circumvented easily)
or inefficient (to much runtime overhead)...
\subsubsection{State of the Art} \subsubsection{State of the Art}
text What techniques are currently used?
\section{Conclusion and Outlook}\label{ref:conclusion} \section{Conclusion and Outlook}\label{ref:conclusion}