Research Article
IRePf: An Instruction Reorganization Virtual Platform for Kernel Stack Overflow Detection
Algorithm 1
Instruction reorganization.
| | Input: source code scode | | | Output: reorganization code rcode | | (1) | inaddress; flag = true; i ← 0; j ← 0//inaddress is the entry address of scode. | | (2) | addresstable[n][2] ← (firstaddress, secondaddress) | | (3) | re_fragment[n][2] ← (rcodep, secondaddress)//reorganization instruction fragment rcodep | | (4) | While flag do | | (5) | If scode all run then | | (6) | flag = false | | (7) | else | | (8) | Buffering the running environment of instructions | | (9) | firstaddress ← inaddress or firstaddress ← the address and parameters of jump instructions in stack | | (10) | If MATCH (addresstable[i][1], firstaddress) then | | (11) | secondaddress←addresstable[i][2] | | (12) | Restoring the running environment and jumping to the secondaddress to continue execution. | | (13) | else | | (14) | Disassembling the machine instructions to be executed from until the obtained instruction is jump instruction ins | | (15) | scodep ← The instructions from firstaddress to ins | | | Call Algorithm 2 | | (16) | Restoring the running environment and running rcodep | | (17) | End If | | (18) | End If | | (19) | End While |
|
