A method for use in a computing device having a processor, the method comprising: executing a computer program on the processor; while the computer program is running, detecting whether any of a plurality of transition instructions of the computer program is executed, the detecting being performed by using resources that are external to the computer program; in response to detecting that a given one of the transition instructions is executed, detecting whether a current execution flow of the computer program matches a control flow graph for the computer program; and performing a countermeasure action based on one of a mismatch of the current execution flow of the computer program and the control flow graph or a current value of a memory location associated with the computer program; wherein the control flow graph for the computer program is generated by simulating an execution of the computer program.

Methods and devices for hardware-supported schemes for efficient metadata retrieval are described. The schemes may use hardware to efficiently enforce type safety and speed up memory bound checks without imposing undue memory overhead. Multiple such schemes may be supported by a device, permitting the selection of an optimal scheme based on a given memory allocation request. The schemes may be compatible with legacy code and applicable to a wide range of data objects and system constraints. Compilation, instrumentation, and linking of code to effect such schemes is also described.

An electronic device includes a memory storing one or more instructions, and at least one processor configured to execute the one or more instructions to identify whether an annotation binding a first type object and a second type object is declared, and bind the first type object and the second type object, and sign both the bound first type object and the bound second type object based on identifying that the annotation is declared.

An electronic apparatus and a control method of the electronic apparatus is provided. The method includes acquiring source code written in a programing language, identifying a structure including a function pointer from the source code, identifying a plurality of initialized variables as a plurality first variables among variables of the function pointer included in the identified structure, and modifying the source code by changing an indirect call using an unmodifiable variable among the plurality of first variables to a direct call.

An apparatus, method, and computer program product are provided for encrypting a function symbol with relocation. The apparatus includes a compiler module, a static linker module, and an encryptor module. The compiler module inserts sequences of instructions to decrypt function symbols to be randomized at runtime before indirect function calls. The compiler module inserts an instruction sequence at compile time to encrypt an operand register that receives a local function symbol in position-independent code (PIC), where a call or store instruction uses the register as an operand. The static linker module inserts an encoding section at link time. The encoding section includes two columns representing the sizes of function symbols in bits or bytes and the locations storing the function symbols to be encrypted at runtime. The encryptor module encrypts at runtime the function symbols whose sizes and stored memory locations are identified in the encoding section.

Optimizing runtime alias checks includes identifying, by a compiler, a base pointer and a plurality of different memory accesses based on the base pointer in a code loop; generating, by the compiler, a first portion of runtime code to determine a minimum access and a maximum access of the plurality of different memory accesses; and generating, by the compiler, a second portion of runtime code including one or more runtime alias checks for the minimum access and one or more runtime alias checks for the maximum access.

A system and method for accessing a tagged global variable in software, including: randomly generating tags for global variables in the software; tagging the global variables with the random tags; creating a pointer to each global variable with the random tags in unused bits of the pointer wherein the pointer points to the associated global variable; accessing one global variable indirectly using the tagged pointer; determining whether tag on the accessed global variable matches the tag on the accessed pointer; and indicating a fault when the tag on the accessed global variable does not match the tag on the accessed pointer.

A system and method are provided for emulating a code sequence while compiling the code sequence into compiled operations for later execution of the code sequence. In one embodiment, the system includes an emulation model for executing operations and a compilation model for compiling operations. The emulation model may execute operations of the code sequence and the compilation model may compile the operations of the code sequence into compiled operations. The system may transfer execution of the operations from the emulation model to the compiled operations. In certain implementations, the transfer may include transferring flow information and program execution information. In further implementations, the transfer may occur after detecting that a current compilation level of the code sequence exceeds a compilation threshold.

Predicting a Table of Contents (TOC) pointer value responsive to branching to a subroutine. A subroutine is called from a calling module executing on a processor. Based on calling the subroutine, a value of a pointer to a reference data structure, such as a TOC, is predicted. The predicting is performed prior to executing a sequence of one or more instructions in the subroutine to compute the value. The value that is predicted is used to access the reference data structure to obtain a variable value for a variable of the subroutine.

A technique for mitigating against return-oriented programming (ROP) attacks that occur during execution of an application includes receiving source code to compile into an executable application. During a compilation of the source code, one or more functions within the source code that are associated with gadgets in an ROP attack are determined, each of the one or more functions is assigned to one or more protected pages of memory for the executable application, and a tag is assigned to each of the one or more functions. The tag for each function maps to the protected page of memory to which the function is assigned.