专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US06993663B1 Input buffer overrun checking and prevention 有权
标题翻译：输入缓冲区溢出检查和预防
公开(公告)号：US06993663B1
公开(公告)日：2006-01-31
申请号：US09653618
申请日：2000-08-31
申请人： Cem Paya , Sanjay G. Shenoy , Louis Lafreniere
发明人： Cem Paya , Sanjay G. Shenoy , Louis Lafreniere
IPC分类号： G06F11/30 , H04L9/00
CPC分类号： G06F21/52
摘要： A method, apparatus, and article of manufacture for detecting and preventing input data buffer overrun storing a security token containing a randomly generated data pattern in memory between an input data buffer and memory locations containing instruction address pointers. First one pushes all arguments to a function onto the stack data structure and pushes a return address onto the stack data structure for use in obtaining the memory address for the instruction to be executed upon completion of the function before it pushes onto the stack data structure a security token. This security token comprises a randomly generated data value. Next one allocates memory locations on the stack data structure for use as local variables within the function, completes the instructions within the function, retrieves the security token value from the stack data structure; and if the retrieved security token value is identical to the randomly generated data value, returns from the function using the return address stored on the stack data structure.
摘要翻译：一种用于检测和防止输入数据缓冲器溢出的方法，装置和制品，其将包含随机生成的数据模式的安全令牌存储在输入数据缓冲器和包含指令地址指针的存储器位置之间。首先将函数的所有参数推送到堆栈数据结构上，并将返回地址推送到堆栈数据结构上，以在完成功能之前获取要执行的指令的存储器地址，然后再将其推入堆栈数据结构a 安全令牌该安全令牌包括随机生成的数据值。下一个在堆栈数据结构上分配内存位置作为功能内的局部变量，完成功能内的指令，从堆栈数据结构中检索安全令牌值; 并且如果检索到的安全令牌值与随机生成的数据值相同，则使用存储在堆栈数据结构上的返回地址从该函数返回。

2. 发明授权

US08990930B2 Code property analysis for security mitigations 有权
标题翻译：用于安全缓解的代码属性分析
公开(公告)号：US08990930B2
公开(公告)日：2015-03-24
申请号：US12366666
申请日：2009-02-06
申请人： Tim W. Burrell , Jonathan E. Caves , Louis Lafreniere , Richard M. Shupak
发明人： Tim W. Burrell , Jonathan E. Caves , Louis Lafreniere , Richard M. Shupak
IPC分类号： G06F11/00 , G06F21/54 , G06F21/55 , G06F21/56
CPC分类号： G06F21/577 , G06F21/54 , G06F21/554 , G06F21/563 , G06F2221/033
摘要： Attempts to make code secure often are associated with performance penalties. To facilitate striking an acceptable balance between performance and security, vulnerable areas of source code are identified. The vulnerable areas are examined for areas that are actually safe and the safe areas are filtered from the universe of code that receives security mitigations. The remaining code receives security mitigations appropriate to the level of risk of the code.
摘要翻译：经常使代码安全的尝试与性能惩罚相关联。为了在性能和安全性之间达到可接受的平衡，确定了源代码的脆弱区域。对实际安全的区域进行脆弱地区的检查，并从接收安全缓解的守则宇宙中过滤安全区域。剩余的代码接收适合代码风险级别的安全缓解。

3. 发明申请

US20120297360A1 DYNAMIC CODE GENERATION AND MEMORY MANAGEMENT FOR COMPONENT OBJECT MODEL DATA CONSTRUCTS 有权
标题翻译：组件对象模型数据结构的动态代码生成和内存管理
公开(公告)号：US20120297360A1
公开(公告)日：2012-11-22
申请号：US13111927
申请日：2011-05-19
申请人： Steven Lucco , Louis Lafreniere , Yong Qu
发明人： Steven Lucco , Louis Lafreniere , Yong Qu
IPC分类号： G06F9/44
CPC分类号： G06F8/75 , G06F8/30 , G06F9/449 , G06F9/5022
摘要： Dynamic code generation and memory management techniques are provided for component object model (COM) objects with corresponding representations in script code and native code. A browser component can receive script code including the code representing the COM object and a marshaling component is provided that marshals, based on a request for native code representing the COM object, the code representing the COM object to the native code based on a pre-constructed intermediate data structure. The pre-constructed intermediate data structure, such as a virtual table, is pre-constructed based on a dynamic type representation associated with a prototype of the COM object and cached for re-use by the marshaling component. Other embodiments provide finalizer support for memory management of COM objects having script and native world representations including an implementation of a two-phase commit protocol that enables efficient and conservative recycling of objects and associated memory.
摘要翻译：为脚本代码和本地代码中的对应表示的组件对象模型（COM）对象提供动态代码生成和内存管理技术。浏览器组件可以接收包括代表COM对象的代码的脚本代码，并且提供编组组件，其基于对表示COM对象的本地代码的请求，基于预编译器代表代表本地代码的COM对象的代码，构建中间数据结构。基于与COM对象的原型相关联的动态类型表示，预先构建的中间数据结构（例如虚拟表）被预先构建，并被缓存以供编组组件重新使用。其他实施例提供对具有脚本和本地世界表示的COM对象的存储器管理的终结器支持，包括实现对象和相关联的存储器的有效和保守的循环的两阶段提交协议的实现。

4. 发明申请

US20100205673A1 CODE PROPERTY ANALYSIS FOR SECURITY MITIGATIONS 有权
标题翻译：用于安全减轻的代码属性分析
公开(公告)号：US20100205673A1
公开(公告)日：2010-08-12
申请号：US12366666
申请日：2009-02-06
申请人： Tim W. Burrell , Jonathan E. Caves , Louis Lafreniere , Richard M. Shupak
发明人： Tim W. Burrell , Jonathan E. Caves , Louis Lafreniere , Richard M. Shupak
IPC分类号： G06F21/00
CPC分类号： G06F21/577 , G06F21/54 , G06F21/554 , G06F21/563 , G06F2221/033
摘要： Attempts to make code secure often are associated with performance penalties. To facilitate striking an acceptable balance between performance and security, vulnerable areas of source code are identified. The vulnerable areas are examined for areas that are actually safe and the safe areas are filtered from the universe of code that receives security mitigations. The remaining code receives security mitigations appropriate to the level of risk of the code.
摘要翻译：经常使代码安全的尝试与性能惩罚相关联。为了在性能和安全性之间达到可接受的平衡，确定了源代码的脆弱区域。对实际安全的区域进行脆弱地区的检查，并从接收安全缓解的守则宇宙中过滤安全区域。剩余的代码接收适合代码风险级别的安全缓解。

5. 发明授权

US09342274B2 Dynamic code generation and memory management for component object model data constructs 有权
标题翻译：组件对象模型数据结构的动态代码生成和内存管理
公开(公告)号：US09342274B2
公开(公告)日：2016-05-17
申请号：US13111927
申请日：2011-05-19
申请人： Steven Lucco , Louis Lafreniere , Yong Qu
发明人： Steven Lucco , Louis Lafreniere , Yong Qu
IPC分类号： G06F9/44 , G06F9/50
CPC分类号： G06F8/75 , G06F8/30 , G06F9/449 , G06F9/5022
摘要： Dynamic code generation and memory management techniques are provided for component object model (COM) objects with corresponding representations in script code and native code. A browser component can receive script code including the code representing the COM object and a marshaling component is provided that marshals, based on a request for native code representing the COM object, the code representing the COM object to the native code based on a pre-constructed intermediate data structure. The pre-constructed intermediate data structure, such as a virtual table, is pre-constructed based on a dynamic type representation associated with a prototype of the COM object and cached for re-use by the marshaling component. Other embodiments provide finalizer support for memory management of COM objects having script and native world representations including an implementation of a two-phase commit protocol that enables efficient and conservative recycling of objects and associated memory.
摘要翻译：为脚本代码和本地代码中的对应表示的组件对象模型（COM）对象提供动态代码生成和内存管理技术。浏览器组件可以接收包括代表COM对象的代码的脚本代码，并且提供编组组件，其基于对表示COM对象的本地代码的请求，基于预编译器代表代表本地代码的COM对象的代码，构建中间数据结构。基于与COM对象的原型相关联的动态类型表示，预先构建的中间数据结构（例如虚拟表）被预先构建，并被缓存以供编组组件重新使用。其他实施例提供对具有脚本和本地世界表示的COM对象的存储器管理的终结器支持，包括实现对象和相关联的存储器的有效和保守的循环的两阶段提交协议的实现。

6. 发明授权

US08250544B2 Annotating exception information in a computer program 有权
标题翻译：在计算机程序中注释异常信息
公开(公告)号：US08250544B2
公开(公告)日：2012-08-21
申请号：US12043007
申请日：2008-03-05
申请人： Christopher M. McKinsey , Marko Krsta Radmilac , Charles L. Mitchell , Andrew E. Ayers , Louis Lafreniere
发明人： Christopher M. McKinsey , Marko Krsta Radmilac , Charles L. Mitchell , Andrew E. Ayers , Louis Lafreniere
IPC分类号： G06F9/44
CPC分类号： G06F8/443
摘要： Annotation of exception information in a computer program. This annotation is not present in the source code itself, but is annotated during the compilation process or perhaps for purpose of analyzing the code. To perform the annotation, environmental rules are accessed regarding the environment in which the program is to be executed. The program is then evaluated in the context of these environmental rules to detect portions that, in the context of the environmental rules, may cause exceptions to be thrown. Those portions may then be annotated with exception information that describes any exceptions that could be thrown at that detected portion.
摘要翻译：在计算机程序中注释异常信息。该注释不存在于源代码本身中，但在编译过程中进行注释，也可能用于分析代码。要执行注释，请访问有关执行程序的环境的环境规则。然后在这些环境规则的上下文中对该程序进行评估，以检测在环境规则的上下文中可能引起异常的部分。然后可以使用描述可能在该检测到的部分处抛出的任何异常的异常信息来注释那些部分。

7. 发明申请

US20090228869A1 ANNOTATING EXCEPTION INFORMATION IN A COMPUTER PROGRAM 有权
标题翻译：在计算机程序中提示异常信息
公开(公告)号：US20090228869A1
公开(公告)日：2009-09-10
申请号：US12043007
申请日：2008-03-05
申请人： Christopher M. McKinsey , Marko Krsta Radmilac , Charles L. Mitchell , Andrew E. Ayers , Louis Lafreniere
发明人： Christopher M. McKinsey , Marko Krsta Radmilac , Charles L. Mitchell , Andrew E. Ayers , Louis Lafreniere
IPC分类号： G06F9/44
CPC分类号： G06F8/443
摘要： Annotation of exception information in a computer program. This annotation is not present in the source code itself, but is annotated during the compilation process or perhaps for purpose of analyzing the code. To perform the annotation, environmental rules are accessed regarding the environment in which the program is to be executed. The program is then evaluated in the context of these environmental rules to detect portions that, in the context of the environmental rules, may cause exceptions to be thrown. Those portions may then be annotated with exception information that describes any exceptions that could be thrown at that detected portion.
摘要翻译：在计算机程序中注释异常信息。该注释不存在于源代码本身中，但在编译过程中进行注释，也可能用于分析代码。要执行注释，请访问有关执行程序的环境的环境规则。然后在这些环境规则的上下文中对该程序进行评估，以检测在环境规则的上下文中可能引起异常的部分。然后可以使用描述可能在该检测到的部分处抛出的任何异常的异常信息来注释那些部分。

8. 发明授权

US10466989B2 Fast presentation of markup content having script code 有权
公开(公告)号：US10466989B2
公开(公告)日：2019-11-05
申请号：US13225132
申请日：2011-09-02
申请人： Steven Lucco , Louis Lafreniere , Curtis Cheng-Cheng Man , Paul Adrian Leathers
发明人： Steven Lucco , Louis Lafreniere , Curtis Cheng-Cheng Man , Paul Adrian Leathers
IPC分类号： G06F17/00 , G06F8/41
摘要： Dynamic code generation and coordination techniques are provided for display of dynamic markup documents including script code. A code generation process is not only guided by deferral of code preparation stages and sub-stages, but also informed by various information levels possessed concerning the code itself, either through interpretation or observation of execution, to not only generate modified code, but also to generate alternative code for alternative situations (e.g., generating different loop bodies that can thereafter be readily swapped in or out depending on a given function call by the browser application). A multi-core architecture further improves user experience by asymmetrically ensuring web site presentation and functionality is prioritized for the user experience.

9. 发明授权

US08819649B2 Profile guided just-in-time (JIT) compiler and byte code generation 有权
标题翻译：配置文件指导即时（JIT）编译器和字节码生成
公开(公告)号：US08819649B2
公开(公告)日：2014-08-26
申请号：US13229594
申请日：2011-09-09
申请人： Louis Lafreniere , Curtis Man , Jedrzej Miadowicz , Paul Leathers , Jitendra Kumar , Arjun Bijanki
发明人： Louis Lafreniere , Curtis Man , Jedrzej Miadowicz , Paul Leathers , Jitendra Kumar , Arjun Bijanki
IPC分类号： G06F9/45
CPC分类号： G06F9/4552 , G06F8/41 , G06F11/3612
摘要： Methods, systems, and computer program products are provided for profiling source code to enable improved source code execution. A runtime engine includes a parser, a bytecode generator, an execution controller, an interpreter, a just-in-time (JIT) compiler, and a profile generator. The parser receives source code coded in a dynamic language and parses the source code to generate parsed source code. The bytecode generator converts the parsed source code to bytecode. The interpreter is configured to interpret the bytecode when enabled by the execution controller. The JIT compiler is configured to compile the bytecode when enabled by the execution controller. The profile generator generates profile information from the bytecode and stores the profile information. The execution controller enables the interpreter or the JIT compiler to perform their respective functions based on the profile information.
摘要翻译：提供了方法，系统和计算机程序产品，用于分析源代码以实现改进的源代码执行。运行时引擎包括解析器，字节码生成器，执行控制器，解释器，即时（JIT）编译器和简档生成器。解析器接收以动态语言编码的源代码，并解析源代码以生成解析的源代码。字节码生成器将解析的源代码转换为字节码。解释器配置为在执行控制器启用时解释字节码。 JIT编译器配置为在执行控制器启用时编译字节码。配置文件生成器从字节码生成配置文件信息并存储配置文件信息。执行控制器使解释器或JIT编译器能够基于简档信息来执行它们各自的功能。

10. 发明授权

US07631249B2 Dynamically determining a buffer-stack overrun 有权
标题翻译：动态确定缓冲区堆栈溢出
公开(公告)号：US07631249B2
公开(公告)日：2009-12-08
申请号：US11250347
申请日：2005-10-14
申请人： Shrikrishna V. Borde , Louis Lafreniere , Vance P. Morrison
发明人： Shrikrishna V. Borde , Louis Lafreniere , Vance P. Morrison
IPC分类号： H03M13/00
CPC分类号： G06F21/52
摘要： Example embodiments provide for effectively executing a stack-walk and other operations by dynamically accessing information about the expected location of cookies on a stack. For example, a first function is executed that causes a stack-walk operation to occur. While performing the stack-walk operation, cookie location information for a cookie placed on the stack by a second function different from the first function is accessed. The cookie, if uncorrupted, includes a known value that is used to determine if the stack has been corrupted. Based on the cookie location information, corrupt data representative of the cookie is accessed. A global cookie, which also includes the known value, is also accessed. The known value of the global cookie is then compared with the corrupt data to determine that the stack is corrupted at least up to the location of the corrupt data representative of the cookie.
摘要翻译：示例性实施例提供通过动态地访问关于堆栈上的Cookie的预期位置的信息来有效地执行堆栈步行和其他操作。例如，执行导致堆栈步行操作发生的第一功能。在执行堆栈步行操作时，访问通过与第一功能不同的第二功能放置在堆栈上的cookie的cookie位置信息。 cookie如果未被破坏，则包含用于确定堆栈是否已损坏的已知值。根据cookie位置信息，访问代表cookie的损坏数据。还可以访问还包括已知值的全局cookie。然后将全局cookie的已知值与损坏的数据进行比较，以确定堆栈至少损坏代表cookie的损坏数据的位置。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式