ShadowStack
LLVM Implementation of different ShadowStack schemes for x86_64
In computer security, a shadow stack is a mechanism for protecting a procedure's stored return address, for example against a stack buffer overflow. The shadow stack itself is a second, separate stack that "shadows" the program call stack. In the function prologue, a function stores its return address to both the call stack and the shadow stack. In the function epilogue, a function loads the return address from both the call stack and the shadow stack, and then compares them. If the two records of the return address differ, an attack is detected; the typical course of action is to terminate the program or alert system administrators about a possible intrusion attempt.
inactive
entered showcase: 2020-02-21
entry updated: 2024-04-12
This project has not yet been evaluated by the C4DT Factory team.
We will be happy to evaluate it upon request.
Application
C, assembly