Intercepting subroutine return in unmodified binaries

Invention Grant

US09129062B1 Intercepting subroutine return in unmodified binaries 有权

Title translation: 截取子程序返回未修改的二进制文件

Please log in to see more content

Patent Title: Intercepting subroutine return in unmodified binaries
Patent Title (中): 截取子程序返回未修改的二进制文件
Application No.: US12784315

Application Date: 2010-05-20
Publication No.: US09129062B1

Publication Date: 2015-09-08
Inventor: Keith Adams , Eli Daniel Collins
Applicant: Keith Adams , Eli Daniel Collins
Applicant Address: US CA Palo Alto
Assignee: VMware, Inc.
Current Assignee: VMware, Inc.
Current Assignee Address: US CA Palo Alto
Main IPC: G06F9/44
IPC: G06F9/44 ; G06F11/36

Intercepting subroutine return in unmodified binaries

Abstract:

Systems and methods for instrumenting code are disclosed. The entry to a subroutine is trapped and the subroutine's return address is mutated to create an invalid instruction pointer. The mutated return address is stored in the architecture reserved space for the return address. An exception handler is executed that has been instrumented to handle the fault caused by the mutated return address such that the exit from the subroutine is instrumented.

Abstract(Chinese):

公开了用于测试代码的系统和方法。子程序的入口被捕获，并且子程序的返回地址被突变以创建无效的指令指针。突变的返回地址存储在返回地址的架构保留空间中。执行一个异常处理程序，该异常处理程序已被检测到处理由突变返回地址引起的故障，以便子程序的退出被检测。

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F9/00	程序控制装置，例如，控制单元（用于外部设备的程序控制入G06F13/10）
G06F9/06	.应用存入的程序的，即应用处理设备的内部存储来接收程序并保持程序的
G06F9/44	..用于执行专门程序的装置