Abstract. Security folklore holds that a security mechanism based on stack inspection is incompatible with a global tail call optimization pol icy. An implementation of such a language may have to allocate memory for a source-code tail call, and a program that uses only tail calls (and no other memory-allocating construct) may nevertheless exhaust the avail able memory. In this paper, we prove this widely held belief wrong. We exhibit an abstract machine for a language with security stack inspection whose space consumption function is equivalent to that of the canonical tail call optimizing abstract machine. Our machine is surprisingly simple and suggests that tail-calls are as easy to implement in a security setting as they are in a conven...
Manipulations of return addresses on the stack are the basis for a variety of attacks on programs wr...
We check statically whether it is safe for untrusted foreign machine code to be loaded into a truste...
This paper presents an approach to analyze stack-based assembly code with respect to leakages of pri...
Abstract. Security folklore holds that a security mechanism based on stack inspection is incompatibl...
Security folklore holds that a security mechanism based on stack inspection is incompatible with a g...
Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to acco...
One method for producing verified implementations of programming languages is to formally derive th...
The term stack safety is used to describe a variety of compiler, runtime, and hardware mechanisms fo...
Current implementations of Java make security decisions by searching the runtime call stack. These s...
AbstractWe propose a method to analyze secure information flow in stack-based assembly languages, co...
The Java virtual machine and the .NET common language runtime feature an access control mechanism sp...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
Using a stack for managing the local state of procedures as popularized by Algol is a simple but eff...
Abstract—StackArmor is a comprehensive protection tech-nique for stack-based memory error vulnerabil...
Controlling resource usage is important for the reliability, efficiency and security of software sys...
Manipulations of return addresses on the stack are the basis for a variety of attacks on programs wr...
We check statically whether it is safe for untrusted foreign machine code to be loaded into a truste...
This paper presents an approach to analyze stack-based assembly code with respect to leakages of pri...
Abstract. Security folklore holds that a security mechanism based on stack inspection is incompatibl...
Security folklore holds that a security mechanism based on stack inspection is incompatible with a g...
Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to acco...
One method for producing verified implementations of programming languages is to formally derive th...
The term stack safety is used to describe a variety of compiler, runtime, and hardware mechanisms fo...
Current implementations of Java make security decisions by searching the runtime call stack. These s...
AbstractWe propose a method to analyze secure information flow in stack-based assembly languages, co...
The Java virtual machine and the .NET common language runtime feature an access control mechanism sp...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
Using a stack for managing the local state of procedures as popularized by Algol is a simple but eff...
Abstract—StackArmor is a comprehensive protection tech-nique for stack-based memory error vulnerabil...
Controlling resource usage is important for the reliability, efficiency and security of software sys...
Manipulations of return addresses on the stack are the basis for a variety of attacks on programs wr...
We check statically whether it is safe for untrusted foreign machine code to be loaded into a truste...
This paper presents an approach to analyze stack-based assembly code with respect to leakages of pri...