The additional code required by RAD [1] involves
- saving a copy of the return address on the stack in the return address repository (RAR) at the function prologue, and
- checking the return address on the stack against the saved copy in the RAR at the function epilogue, popping it off the RAR if the two match, or flagging an exception otherwise.
Instead of instrumenting the prologue and epilogue of every function, we do so only for 'interesting' functions, that is, functions containing the instruction sequence that allocates and deallocates a stack frame for local variables. A function without local variables could never be vulnerable to a stack-based buffer overflow.
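The prologue/epilogue check described above, as an added simulation in C that is not the thesis's instrumentation code: the RAR is modelled as a plain array, the return-address slot on the stack as a variable, and the corruption of the innermost frame's slot is constructed rather than produced by a real overflow. The names `rar_t`, `rad_prologue`, `rad_epilogue` and `simulate` are assumptions of this example; how the real RAD places and protects the RAR is not modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Return address repository (RAR): a stack of saved return addresses.
 * In this example it is an ordinary array; the thesis's RAR protection is not modelled. */
#define RAR_CAPACITY 64

typedef struct {
    uintptr_t entries[RAR_CAPACITY];
    int top;                              /* number of saved return addresses */
} rar_t;

enum rad_result { RAD_OK = 0, RAD_MISMATCH = 1, RAD_UNDERFLOW = 2, RAD_FULL = 3 };

/* Prologue instrumentation: copy the return address from its stack slot into the RAR. */
static enum rad_result rad_prologue(rar_t *rar, uintptr_t stack_slot_value) {
    if (rar->top >= RAR_CAPACITY) return RAD_FULL;
    rar->entries[rar->top++] = stack_slot_value;
    return RAD_OK;
}

/* Epilogue instrumentation: compare the stack slot (possibly overwritten by now) with
 * the saved copy. On a match pop the copy; otherwise leave the RAR alone and report. */
static enum rad_result rad_epilogue(rar_t *rar, uintptr_t stack_slot_value) {
    if (rar->top == 0) return RAD_UNDERFLOW;
    if (rar->entries[rar->top - 1] != stack_slot_value) return RAD_MISMATCH;
    rar->top--;
    return RAD_OK;
}

/* Constructed call chain of three instrumented functions. Each prologue saves its slot;
 * if corrupt_innermost is set, the deepest frame's slot is overwritten before the
 * epilogues run (standing in for a stack-based overflow). Returns the first non-OK
 * epilogue result, or RAD_OK when every frame unwinds cleanly. */
enum rad_result simulate(bool corrupt_innermost) {
    rar_t rar = { .top = 0 };
    uintptr_t slots[3] = { 0x401000, 0x401050, 0x4010a0 };   /* constructed return addresses */
    for (int i = 0; i < 3; i++) rad_prologue(&rar, slots[i]);
    if (corrupt_innermost) slots[2] = 0xdeadbeef;             /* constructed corruption */
    for (int i = 2; i >= 0; i--) {
        enum rad_result r = rad_epilogue(&rar, slots[i]);
        if (r != RAD_OK) return r;
    }
    return RAD_OK;
}

int main(void) {
    printf("clean:     %d\n", simulate(false));   /* 0 = RAD_OK */
    printf("corrupted: %d\n", simulate(true));    /* 1 = RAD_MISMATCH */
    return 0;
}
```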
Manish Prasad
2003-04-05