翻訳と辞書
Words near each other
・ Weird (travel guides)
・ Weird Canada
・ Weird City
・ Weird Dreams
・ Weird Era Cont.
・ Weird Fantasy
・ Weird fiction
・ Weird Fish
・ Weird fish
・ Weird Food and Devastation
・ Weird Heroes
・ Weird Kids (album)
・ Weird Lake
・ Weird Little Boy
・ Weird Loners
Weird machine
・ Weird MC
・ Weird menace
・ Weird Mystery Tales
・ Weird Nature
・ Weird NJ
・ Weird number
・ Weird or What?
・ Weird Paul Petroskey
・ Weird Revolution
・ Weird Scenes Inside the Gold Mine
・ Weird Science
・ Weird Science (comics)
・ Weird Science (film)
・ Weird Science (song)


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Weird machine : ウィキペディア英語版
Weird machine
In computer security, the weird machine is a computational artifact where additional code execution can happen outside the original specification of the program. It is closely related to the concept of weird instructions, which are the building blocks of an exploit based on crafted input data.
While expected, valid input activates the normal, intended functionality in a computer program, input that was unexpected by the program developer may activate unintended functionality. The weird machine consists of this unintended functionality that can be programmed with selected inputs in an exploit.
In a classical attack taking advantage of a stack buffer overflow, the input given to a vulnerable program is crafted and delivered so that it itself becomes executed as program code. However, if the data areas of the program memory have been protected so that they cannot be executed directly like this, the input may instead take the form of pointers into pieces of existing program code that then become executed in an unexpected order to generate the functionality of the exploit. These snippets of code that are used by the exploit are referred to as ''gadgets'' in the context of return-oriented programming.
Through interpretation of data as code, weird machine functionality that is by definition outside the original program specification can be reached also by Proof-Carrying Code, which has been formally proven to function in a certain specific way. This disparity is essentially caused by a disconnect between formal abstract modelling of a computer program and its real-world instance, which can be influenced by events that are not captured in the original abstraction, such as memory errors or power outages.
Two central categories of mitigation to the problems caused by weird machine functionality include input validation within the software and protecting against problems arising from the platform on which the program runs, such as memory errors. Input validation aims to limit the scope and forms of unexpected inputs e.g. through whitelists of allowed inputs, so that the software program itself would not end up in an unexpected state by interpreting the data internally. Equally importantly, secure programming practices such as protecting against buffer overflows make it less likely that input data becomes interpreted in unintended ways by lower layers, such as the hardware on which the program is executed.
== See also ==

* Exploit (computer security)
* Stack buffer overflow
* Return-oriented programming

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「Weird machine」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.