| 摘要 |
Disclosed is a method for restricting access of a first code of a plurality of codes and data of a first function from a second function. Thee method comprises calling the second function by the first function, addresses of the plurality of data may be stored in a stack page and colored in a first color ( 102 ). The method comprises performing access control check in a transition page for verifying whether the first function has permission to call the second function ( 104 ). Further the method comprises protecting the first code from the second function by coloring the data and/or addresses in a second color ( 106 ). Furthermore, the method comprises executing the second function by pushing addresses of the second function on the stack page, the addresses of the second function colored in a third color ( 108 ) and unprotecting the first code by coloring the addresses of the first code in the first color ( 110 ).
|
