This paper reconsiders the threat posed by Shacham's "return-oriented programming" - a technique by which W⊕X-style hardware protections are evaded via carefully crafted stack frames that divert control flow into the middle of existing variable-length x86 instructions - creating short new instruction streams that then return. The paper argues that this attack is both more general and a greater threat than the author appreciated. In fact, the vulnerability is not limited to the x86 architecture or any particular operating system, is readily exploitable, and bypasses an entire category of malware protections. This paper demonstrates general return-oriented programming on the SPARC, a fixed-instruction-length RISC architecture with structured control flow.
- Format: PDF
- Size: 193 KB