Abstract: Using various embodiments, methods and systems for computing a self-assembling indirect control flow graph based on one or more function types and function pointer types are described. In one embodiment, the indirect control flow graph is computed by finding one or more function types and function pointer types in source code and/or binary code, computing one or more identifier tags for each type, and classifying functions and function pointers based on the computed tags. In one embodiment, the classification tags can be used in a tag-check-based Control Flow Integrity system. In another embodiment, the classification tags can be used to convert indirect function calls into direct function calls. In yet another embodiment, tag checks can be eliminated in a Control Flow Integrity system.
Abstract: Using various embodiments, methods and systems to optimize the execution of a software program are disclosed. In one embodiment, a system is configured to identify a first vertex of an indirect control flow graph (ICFG) of a control flow graph (CFG) of the software program representing an indirect control transfer to a first function in the software program. Thereafter, a first type signature associated with the indirect control transfer is determined and a first tag value is computed from the first type signature. The system also identifies a second vertex of the ICFG representing a second function of the software program and determines a second type signature of the second function to compute a second tag value from the second type signature. When it is determined that the first tag value equals the second tag value, the system modifies the CFG to optimize execution of the software program.
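An added sketch of the tag-based classification these abstracts describe, not code from the patents: each function and each indirect call site gets a tag computed from its type signature, and equal tags define the ICFG edges. The FNV-1a hash, the signature strings, the sample functions and call sites, and the rule that a single matching target permits a direct call with no tag check are all assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed tag function: FNV-1a over a canonical type-signature string. */
static uint32_t tag_of(const char *sig) {
    uint32_t h = 2166136261u;
    for (; *sig; sig++) { h ^= (unsigned char)*sig; h *= 16777619u; }
    return h;
}

typedef struct { const char *name, *sig; } fn_t;        /* ICFG vertex: function */
typedef struct { const char *where, *sig; } callsite_t; /* ICFG vertex: indirect call */
typedef enum { NO_TARGET, DEVIRTUALIZE, KEEP_TAG_CHECK } action_t;

/* Constructed sample program, not taken from the page. */
static const fn_t FUNCS[] = {
    {"parse_int", "int(const char*)"},
    {"parse_hex", "int(const char*)"},
    {"log_msg",   "void(const char*)"},
    {"on_exit",   "void(void)"},
};
static const callsite_t SITES[] = {
    {"main.c:10", "int(const char*)"},
    {"main.c:20", "void(const char*)"},
    {"main.c:30", "long(int)"},
};
#define NFUNCS (sizeof FUNCS / sizeof FUNCS[0])

/* ICFG edges self-assemble: site -> every function with an equal tag. */
size_t count_targets(const callsite_t *cs, const fn_t **last) {
    uint32_t t = tag_of(cs->sig);
    size_t n = 0;
    for (size_t i = 0; i < NFUNCS; i++)
        if (tag_of(FUNCS[i].sig) == t) { *last = &FUNCS[i]; n++; }
    return n;
}

/* Assumed policy: one match -> direct call, no check; several -> keep check. */
action_t plan(const callsite_t *cs, const fn_t **only) {
    size_t n = count_targets(cs, only);
    if (n == 0) return NO_TARGET;
    return n == 1 ? DEVIRTUALIZE : KEEP_TAG_CHECK;
}
```

A tag collision between two distinct signatures would merge their classes, so a real tag scheme has to rule that out before any check is removed.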