A reliable return address stack: microarchitectural features to defeat stack smashing

Buffer overflow vulnerabilities are among the most common security bugs in today's software systems. In this paper, we propose a microarchitectural design of a return address stack that aims to detect and stop stack smashing. This approach has been used in other proposals to guard against buffer overflow vulnerabilities. Our contribution is a design that handles multipath execution, speculative execution, abnormal control flow, and extended call depth. Our solution makes no assumption about the presence of architecturally visible calls and returns.
