You don't have to stray too far from the financial pages to know that returns of any kind aren't much to brag about these days. You could say the same thing about "return-oriented programing." In a nutshell, return-oriented programming security attacks start out like familiar attacks, in which attackers take advantage of a programming error in the target system to overwrite the runtime stack and divert program execution away from the path intended by the system's designers. But instead of injecting outside code, return-oriented programming lets attackers create any kind of computation or program by using the existing code. Sounds like fun, eh?

November 23, 2008
URL:http://www.drdobbs.com/security/security-and-return-oriented-programming/228701021

Terms of Service | Privacy Statement | Copyright © 2024 UBM Tech, All rights reserved.