Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Computer Engineering
Preventing Variadic Function Attacks Through Argument Width Counting, Brennan Ward
Preventing Variadic Function Attacks Through Argument Width Counting, Brennan Ward
USF Tampa Graduate Theses and Dissertations
Format String attacks, first noted in June 2000 [1], are a type of attack in which anadversary has control of the string argument (the format string) passed to a string format function (such as printf). Such control allows the attacker to read and write arbitrary program memory. To prevent these attacks, various methodologies have been proposed, each with their own costs and benefits. I present a novel solution to this problem through argument width counting, ensuring that such format functions cannot access stack memory beyond the space where arguments were placed. Additionally, I show how this approach can be expanded …
Strong-Dism: A First Attempt To A Dynamically Typed Assembly Language (D-Tal), Ivory Hernandez
Strong-Dism: A First Attempt To A Dynamically Typed Assembly Language (D-Tal), Ivory Hernandez
USF Tampa Graduate Theses and Dissertations
Dynamically Typed Assembly Language (D-TAL) is not only a lightweight and effective solution to the gap generated by the drop in security produced by the translation of high-level language instructions to low-level language instructions, but it considerably eases up the burden generated by the level of complexity required to implement typed assembly languages statically. Although there are tradeoffs between the static and dynamic approaches, focusing on a dynamic approach leads to simpler, easier to reason about, and more feasible ways to understand deployment of types over monomorphically-typed or untyped intermediate languages. On this occasion, DISM, a simple but powerful and …