
To be clear: SafeStack does NOT prevent return oriented programming. It makes the bar much higher, and it should be lauded for that. But please don't for a second think that this is a solved problem: ROP can occur on the heap, for instance. CPI as a system also does not completely solve the problem: it is possible to break, for example (http://web.mit.edu/ha22286/www/papers/conference/Oakland15.p... ) and, despite the CPI authors' conclusions, produces high overheads for programs with large amounts of code pointers (C++ programs with vtables are good examples). Also not prevented are attacks that use data pointers (non-control-flow data attacks), an area that has seen little study.


Also see papers like BlindROP: http://www.scs.stanford.edu/~sorbo/brop/bittau-brop.pdf and Sigreturn oriented programming: https://www.cs.vu.nl/~herbertb/papers/srop_sp14.pdf to get a little bit more of the idea of how complicated ROP can actually get.



