CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 12503 > Article
Paper
28 November 2022 Heap memory vulnerability utilization method in Zig language
Yuyang Chen
Author Affiliations +
Proceedings Volume 12503, International Conference on Network Communication and Information Security (ICNCIS 2022); 125030T (2022) https://doi.org/10.1117/12.2657060
Event: International Conference on Network Communication and Information Security (ICNCIS 2022), 2022, Qingdao, China
Abstract
In software security, heap memory vulnerability is a common type of vulnerability. However, heap memory vulnerabilities can only lead to the collapse of the program in most cases. In order to achieve the purpose of getshell, it is still necessary to construct and use it. Zig language is a development-oriented programming language and will have more applications in the future. Based on the mechanism and principle of heap memory implementation in zig language, this paper finds several methods to exploit heap memory vulnerabilities, which can achieve the attack effect of writing eight-byte data at any writable address and applying for any address, respectively. On this basis, some corresponding defense methods are proposed, which provides ideas for the utilization and defense of heap memory vulnerabilities in binary security.
© (2022) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Yuyang Chen "Heap memory vulnerability utilization method in Zig language", Proc. SPIE 12503, International Conference on Network Communication and Information Security (ICNCIS 2022), 125030T (28 November 2022); https://doi.org/10.1117/12.2657060
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 7 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Computer programming
Computer security
Computer programming languages
Defense and security
Control systems
Distribution
Process control
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top