Some heap overflow exploit overwrite function pointer ( including C++ vptr ) .
Function pointer itself can not be protected effectively.
But exploit using function pointer overwriting can be mitigated effectively under DEP.
if extra 2 or 3 instructions can be executed at each function pointer call ,
it is very hard to exploit successfully.
If you are interested in my idea , send mail to ohojang@gmail.com
No comments:
Post a Comment