Abstract
A method that lets a called procedure determine a "safe" upper bound on the number of bytes it can write to a stack-allocated array or buffer without overwriting any stack-resident data held in reserved memory blocks on the stack (that is, any region of memory that is preserved across a calling sequence, such as a saved frame pointer or return address). More specifically, when a called procedure is passed a stack-allocated array or buffer as an argument, the method of the present invention allows the called procedure to call a "bounds checking" procedure that calculates and returns the "safe" upper bound value, thereby allowing the called procedure to avoid, for example, overwriting a procedure's return address through an array overflow when writing data to the array. Advantageously, the "bounds checking" procedure may readily be implemented in any operating system or library to provide secure implementations of library functions that are otherwise prone to buffer overflow vulnerabilities (for example, string-copying routines that take a destination pointer but no length).
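The following C program is an added illustration of the mechanism the abstract describes; it is not the patent's own code and does not reproduce its claimed implementation. The bounds-checking procedure walks the chain of saved frame pointers upward from its own frame until it finds the first frame record above the buffer's address, and reports the distance between the buffer and that record as the writable region; a strcpy replacement then uses that bound instead of trusting the caller. It assumes GCC or Clang on an architecture that chains frame records through saved frame pointers (x86-64, AArch64) and a build that keeps frame pointers (the -O0 default). All function and macro names are hypothetical.

```c
/* Added example (not the patent's own code): a bounds-checking procedure that
 * infers how many bytes a called procedure may write to a caller-owned stack
 * buffer before reaching the frame record (saved frame pointer and return
 * address) of the function that owns the buffer. Assumes GCC or Clang on an
 * architecture that chains frame records through saved frame pointers
 * (x86-64, AArch64) and a build that keeps frame pointers (the -O0 default).
 * All function and macro names are hypothetical. */
#if defined(__GNUC__) && !defined(__clang__)
#pragma GCC optimize("no-omit-frame-pointer")   /* the walk needs the chain */
#endif
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_FRAME_WALK 32           /* give up after this many frames */
#define MAX_FRAME_SPAN (1u << 20)   /* reject implausible frame-to-frame jumps */

/* Returns the number of bytes writable at `buf` without touching the frame
 * record of the function that owns `buf`, or 0 when that frame cannot be
 * found (buffer not on the stack, or the frame-pointer chain is broken). */
__attribute__((noinline))
size_t stack_safe_bound(const void *buf)
{
    uintptr_t target = (uintptr_t)buf;
    uintptr_t fp = (uintptr_t)__builtin_frame_address(0); /* own frame record */

    for (int depth = 0; depth < MAX_FRAME_WALK && fp != 0; depth++) {
        /* The stack grows down, so the first frame record above `buf` belongs
         * to the frame that contains it: bytes from `buf` up to that record
         * are local storage, the record itself is reserved. */
        if (fp > target)
            return (size_t)(fp - target);

        uintptr_t next = *(const uintptr_t *)fp;  /* saved fp of the caller */
        if (next <= fp || next - fp > MAX_FRAME_SPAN)
            return 0;                             /* chain is not plausible */
        fp = next;
    }
    return 0;
}

/* strcpy replacement that asks the bounds check for room instead of trusting
 * the caller. Returns the number of bytes copied, excluding the terminator,
 * and copies nothing when the bound is unknown. */
__attribute__((noinline))
size_t bounded_strcpy(char *dst, const char *src)
{
    size_t room = stack_safe_bound(dst);
    if (room == 0)
        return 0;
    size_t n = strlen(src);
    if (n >= room)
        n = room - 1;             /* keep one byte for the terminator */
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

/* Bound reported for a 32-byte local: at least 32, because the whole array
 * lies below this function's own frame record. */
__attribute__((noinline))
size_t demo_bound(void)
{
    char buf[32];
    buf[0] = '\0';
    return stack_safe_bound(buf);
}

/* A source that fits is copied in full; returns 5 with buf == "short". */
__attribute__((noinline))
size_t demo_copy_fits(void)
{
    char buf[32];
    size_t n = bounded_strcpy(buf, "short");
    return strcmp(buf, "short") == 0 ? n : 0;
}

/* A constructed 511-byte source is longer than this frame, so the copy would
 * stop short of the frame record. Only the length is computed here: actually
 * filling the whole region would also overwrite a stack-protector canary, if
 * the build has one, and the protector would abort on return. */
__attribute__((noinline))
size_t demo_truncated_len(void)
{
    static char src[512];         /* static, so it is not in this frame */
    char buf[32];
    memset(src, 'A', sizeof src - 1);
    src[sizeof src - 1] = '\0';
    size_t room = stack_safe_bound(buf);
    size_t n = strlen(src);
    return room == 0 ? 0 : (n >= room ? room - 1 : n);
}

int main(void)
{
    printf("bound for a 32-byte local: %zu bytes\n", demo_bound());
    printf("copied %zu bytes of \"short\"\n", demo_copy_fits());
    printf("would copy %zu of 511 bytes\n", demo_truncated_len());
    return 0;
}
```

Build it with plain `gcc` or `clang` (no `-O2`, which drops frame pointers on x86-64 Linux and leaves the saved-frame-pointer slots holding whatever the register held). Two caveats a practitioner should keep in mind: the bound counts everything between the buffer and the frame record as writable, so callee-saved registers spilled below the saved frame pointer, other locals of the owning function, and a stack-protector canary all sit inside it; writing up to the bound protects the return address, which is the abstract's stated goal, but not those values. And a pointer that is not on the stack (heap, globals) ends the walk with 0, which the copy routine treats as "write nothing".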