{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,16]],"date-time":"2025-11-16T02:12:18Z","timestamp":1763259138064,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2013,1,26]],"date-time":"2013-01-26T00:00:00Z","timestamp":1359158400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2013,1,26]]},"DOI":"10.1145\/2430553.2430555","type":"proceedings-article","created":{"date-parts":[[2013,1,29]],"date-time":"2013-01-29T16:21:18Z","timestamp":1359476478000},"page":"1-9","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["String oriented programming"],"prefix":"10.1145","author":[{"given":"Mathias","family":"Payer","sequence":"first","affiliation":[{"name":"ETH Zurich, Switzerland"}]},{"given":"Thomas R.","family":"Gross","sequence":"additional","affiliation":[{"name":"ETH Zurich, Switzerland"}]}],"member":"320","published-online":{"date-parts":[[2013,1,26]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_2_1","first-page":"49","volume":"7","author":"Aleph","year":"1996","unstructured":"Aleph 1. Smashing the stack for fun and profit. Phrack 7 , 49 ( Nov. 1996 ), http:\/\/phrack.com\/issues.html?issue=49&id=14. Aleph1. Smashing the stack for fun and profit. Phrack 7, 49 (Nov. 1996), http:\/\/phrack.com\/issues.html?issue=49&id=14.","journal-title":"Phrack"},{"key":"e_1_3_2_1_3_1","first-page":"251","volume-title":"Proc. USENIX ATC","author":"Baratloo A.","year":"2000","unstructured":"Baratloo , A. , Singh , N. , and Tsai , T . Transparent run-time defense against stack smashing attacks . In Proc. USENIX ATC ( 2000 ), pp. 251 -- 262 . Baratloo, A., Singh, N., and Tsai, T. Transparent run-time defense against stack smashing attacks. In Proc. USENIX ATC (2000), pp. 251--262."},{"key":"e_1_3_2_1_4_1","first-page":"105","volume-title":"SSYM'03: Proc. 12th USENIX Security Symp.","author":"Bhatkar E.","year":"2003","unstructured":"Bhatkar , E. , Duvarney , D. C. , and Sekar , R . Address obfuscation: an efficient approach to combat a broad range of memory error exploits . In SSYM'03: Proc. 12th USENIX Security Symp. ( 2003 ), pp. 105 -- 120 . Bhatkar, E., Duvarney, D. C., and Sekar, R. Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In SSYM'03: Proc. 12th USENIX Security Symp. (2003), pp. 105--120."},{"key":"e_1_3_2_1_5_1","first-page":"255","volume-title":"SSYM'05: Proc. 14th USENIX Security Symp.","author":"Bhatkar S.","year":"2005","unstructured":"Bhatkar , S. , Bhatkar , E. , Sekar , R. , and Duvarney , D. C . Efficient techniques for comprehensive protection from memory error exploits . In SSYM'05: Proc. 14th USENIX Security Symp. ( 2005 ), pp. 255 -- 270 . Bhatkar, S., Bhatkar, E., Sekar, R., and Duvarney, D. C. Efficient techniques for comprehensive protection from memory error exploits. In SSYM'05: Proc. 14th USENIX Security Symp. (2005), pp. 255--270."},{"key":"e_1_3_2_1_6_1","first-page":"67","volume":"14","author":"The","year":"2010","unstructured":"blackngel. The house of lore : Reloaded. Phrack 14 , 67 ( Nov. 2010 ), http:\/\/phrack.com\/issues.html?issue=67&id=8. blackngel. The house of lore: Reloaded. Phrack 14, 67 (Nov. 2010), http:\/\/phrack.com\/issues.html?issue=67&id=8.","journal-title":"Reloaded. Phrack"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966919"},{"key":"e_1_3_2_1_8_1","volume-title":"SSYM'01: Proc. 10th USENIX Security Symp.","author":"Cowan C.","year":"2001","unstructured":"Cowan , C. , Barringer , M. , Beattie , S. , Kroah-Hartman , G. , Frantzen , M. , and Lokier , J . Format-guard: automatic protection from printf format string vulnerabilities . In SSYM'01: Proc. 10th USENIX Security Symp. ( 2001 ). Cowan, C., Barringer, M., Beattie, S., Kroah-Hartman, G., Frantzen, M., and Lokier, J. Format-guard: automatic protection from printf format string vulnerabilities. In SSYM'01: Proc. 10th USENIX Security Symp. (2001)."},{"key":"e_1_3_2_1_9_1","volume-title":"SSYM'03: Proc. 12th USENIX Security Symp.","author":"Cowan C.","year":"2003","unstructured":"Cowan , C. , Beattie , S. , Johansen , J. , and Wagle , P . PointguardTM: protecting pointers from buffer overflow vulnerabilities . In SSYM'03: Proc. 12th USENIX Security Symp. ( 2003 ). Cowan, C., Beattie, S., Johansen, J., and Wagle, P. PointguardTM: protecting pointers from buffer overflow vulnerabilities. In SSYM'03: Proc. 12th USENIX Security Symp. (2003)."},{"key":"e_1_3_2_1_10_1","volume-title":"SSYM'98: Proc. 7th USENIX Security Symp.","author":"Cowan C.","year":"1998","unstructured":"Cowan , C. , Pu , C. , Maier , D. , Hintony , H. , Walpole , J. , Bakke , P. , Beattie , S. , Grier , A. , Wagle , P. , and Zhang , Q . StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks . In SSYM'98: Proc. 7th USENIX Security Symp. ( 1998 ). Cowan, C., Pu, C., Maier, D., Hintony, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., and Zhang, Q. StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In SSYM'98: Proc. 7th USENIX Security Symp. (1998)."},{"key":"e_1_3_2_1_11_1","first-page":"75","volume-title":"OSDI'06","author":"Erlingsson","year":"2006","unstructured":"Erlingsson , \u00da., Abadi , M. , Vrable , M. , Budiu , M. , and Necula , G. C . XFI: Software guards for system address spaces . In OSDI'06 ( 2006 ), pp. 75 -- 88 . Erlingsson, \u00da., Abadi, M., Vrable, M., Budiu, M., and Necula, G. C. XFI: Software guards for system address spaces. In OSDI'06 (2006), pp. 75--88."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1518684.1518686"},{"key":"e_1_3_2_1_13_1","first-page":"59","volume":"11","author":"Advances","year":"2002","unstructured":"gera, and riq. Advances in format string exploitation. Phrack 11 , 59 ( 2002 ), http:\/\/phrack.com\/issues.html?issue=59&id=7. gera, and riq. Advances in format string exploitation. Phrack 11, 59 (2002), http:\/\/phrack.com\/issues.html?issue=59&id=7.","journal-title":"Phrack"},{"key":"e_1_3_2_1_14_1","first-page":"18","author":"Haas P.","year":"2010","unstructured":"Haas , P. Advanced format string attacks. https:\/\/www.defcon.org\/images\/defcon-18\/dc-18-presentations\/Haas\/DEFCON-18-Haas-Adv-Format-String-Attacks.pdf , DEFCON 18 2010 . Haas, P. Advanced format string attacks. https:\/\/www.defcon.org\/images\/defcon-18\/dc-18-presentations\/Haas\/DEFCON-18-Haas-Adv-Format-String-Attacks.pdf, DEFCON 18 2010.","journal-title":"DEFCON"},{"key":"e_1_3_2_1_15_1","volume-title":"ProPolice: Improved stack-smashing attack detection. IPSJ SIG Notes","author":"Hiroaki E.","year":"2001","unstructured":"Hiroaki , E. , and Kunikazu , Y . ProPolice: Improved stack-smashing attack detection. IPSJ SIG Notes ( 2001 ), 181--188. Hiroaki, E., and Kunikazu, Y. ProPolice: Improved stack-smashing attack detection. IPSJ SIG Notes (2001), 181--188."},{"key":"e_1_3_2_1_16_1","first-page":"58","volume":"11","author":"Nergal","year":"2007","unstructured":"Nergal . The advanced return-into-lib(c) exploits. Phrack 11 , 58 ( Nov. 2007 ), http:\/\/phrack.com\/issues.html?issue=67&id=8. Nergal. The advanced return-into-lib(c) exploits. Phrack 11, 58 (Nov. 2007), http:\/\/phrack.com\/issues.html?issue=67&id=8.","journal-title":"Phrack"},{"key":"e_1_3_2_1_17_1","unstructured":"OWASP. Definition of format string attacks. https:\/\/www.owasp.org\/index.php\/Format_string_attack.  OWASP. Definition of format string attacks. https:\/\/www.owasp.org\/index.php\/Format_string_attack."},{"key":"e_1_3_2_1_18_1","volume-title":"http:\/\/pax.grsecurity.net\/docs\/aslr.txt","author":"Pa","year":"2003","unstructured":"Pa X-Team. PaX ASLR (Address Space Layout Randomization). http:\/\/pax.grsecurity.net\/docs\/aslr.txt , 2003 . PaX-Team. PaX ASLR (Address Space Layout Randomization). http:\/\/pax.grsecurity.net\/docs\/aslr.txt, 2003."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1952682.1952703"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.36"},{"key":"e_1_3_2_1_21_1","first-page":"67","volume":"14","author":"Planet C.","year":"2010","unstructured":"Planet , C. A eulogy for format strings. Phrack 14 , 67 ( 2010 ), http:\/\/phrack.com\/issues.html?issue=67&id=8. Planet, C. A eulogy for format strings. Phrack 14, 67 (2010), http:\/\/phrack.com\/issues.html?issue=67&id=8.","journal-title":"Phrack"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Schwartz E. J.","year":"2011","unstructured":"Schwartz , E. J. , Avgerinos , T. , and Brumley , D . Q: Exploit hardening made easy . In Proceedings of the USENIX Security Symposium ( 2011 ). Schwartz, E. J., Avgerinos, T., and Brumley, D. Q: Exploit hardening made easy. In Proceedings of the USENIX Security Symposium (2011)."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_25_1","volume-title":"May","author":"Ubuntu","year":"2012","unstructured":"Ubuntu . List of programs built with PIE. https:\/\/wiki.ubuntu.com\/Security\/Features#pie , May 2012 . Ubuntu. List of programs built with PIE. https:\/\/wiki.ubuntu.com\/Security\/Features#pie, May 2012."},{"key":"e_1_3_2_1_26_1","volume-title":"Exec shield. https:\/\/www.redhat.com\/f\/pdf\/rhel\/WHP0006US_Execshield.pdf","author":"van de Ven A.","year":"2004","unstructured":"van de Ven , A. , and Molnar , I . Exec shield. https:\/\/www.redhat.com\/f\/pdf\/rhel\/WHP0006US_Execshield.pdf , 2004 . van de Ven, A., and Molnar, I. Exec shield. https:\/\/www.redhat.com\/f\/pdf\/rhel\/WHP0006US_Execshield.pdf, 2004."}],"event":{"name":"POPL '13: The 40th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages","SIGACT ACM Special Interest Group on Algorithms and Computation Theory"],"location":"Rome Italy","acronym":"POPL '13"},"container-title":["Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2430553.2430555","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2430553.2430555","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:35:23Z","timestamp":1750235723000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2430553.2430555"}},"subtitle":["when ASLR is not enough"],"short-title":[],"issued":{"date-parts":[[2013,1,26]]},"references-count":26,"alternative-id":["10.1145\/2430553.2430555","10.1145\/2430553"],"URL":"https:\/\/doi.org\/10.1145\/2430553.2430555","relation":{},"subject":[],"published":{"date-parts":[[2013,1,26]]},"assertion":[{"value":"2013-01-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}