Description
Over the years many mechanisms for exploit mitigation have found their way into
modern operating systems and compilers but none can counteract the exploitation
technique called partial pointer overwriting.
In this thesis we describe and implement a mechanism that hooks into the clang
compiler and injects additional code into the compiled programs in order to
prevent the successful exploitation using partial pointer overwrites.
We further analyze and compare various schemes that introduce randomness into
pointers involving a diffusion process and implement three of these into our
framework.
Our performance tests in the evaluation show that by using our plugin quite a
bit of an additional overhead is introduced, increasing the runtimes to about
2-3 times their original values in exchange for the security they provide.
In the summary we suggest ways to improve the performance as part of future work.
|
