slides - PDOS - MIT

More documents

Recommendations

Info

INET DIAG infinite loop vulnerability$*ss*‘...’ """""sge""""21,"L1,"rej""";"02"04"...02"00L1:""sge""1024,"L2,"acc""";"02"04"... 02"00L2:""jmp""rej""""""""""""";"01"04"... 01"00acc:"nop"""""""""""""""""";"00"04 00"00rej:Userspacefilter codestruct"inet_diag_bc_op"{"""""//"instruction"header""""unsigned"char"""opcode;""//"opcode""""unsigned"char"""oplen;"""//"instruction"length};//"validate"bytecodeconst"void"*bc"="bytecode;while"(len">"0)"{""""struct"inet_diag_bc_op"*op"="bc;""""...suspiciousSocketsuspiciousfiles state(trusted)files""""bc"+="opP>oplen;""""len"P="opP>oplen;}Infinite loop whenop^>oplen is zero
Page 1 and 2: Security Bugs inEmbedded Interprete
Page 3 and 4: Embedded interpretersHost systemByt
Page 5 and 6: Embedded interpretersHost systemByt
Page 7 and 8: Prevalence of embedded interpreters
Page 15 and 16: Our contributions• Studies of 10
Page 17 and 18: A packet filtering example• Monit
Page 19 and 20: A packet filtering example• Monit
Page 21 and 22: A packet filtering example• Straw
Page 23 and 24: A packet filtering example• Straw
Page 25 and 26: Solution: Berkeley Packet Filter (B
Page 39 and 40: Security of embedded interpreters
Page 45 and 46: INET DIAG infinite loop vulnerabili
Page 51: INET DIAG infinite loop vulnerabili
Page 55 and 56: Vulnerability case studies• Untru
Page 57 and 58: ClamAV signed division vulnerabilit
Page 63 and 64: Vulnerability case studies• Untru
Page 65 and 66: FreeType arbitrary code executionpu
Page 75 and 76: Security guidelines• A better sol
Page 77 and 78: Pitfall 1: complex feature sets
Page 79 and 80: Pitfall 1: complex feature sets•
Page 81 and 82: Pitfall 2: resource consumption
Page 83 and 84: Pitfall 2: resource consumption•
Page 85 and 86: Pitfall 3: calls to the host system
Page 87 and 88: Research Opportunities• Testing e
Page 93 and 94: Conclusion• Embedded interpreters

slides - PDOS - MIT

Create successful ePaper yourself

Delete template?

Save as template?