{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:14:54Z","timestamp":1772039694804,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":32,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,11,6]],"date-time":"2019-11-06T00:00:00Z","timestamp":1572998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,11,6]]},"DOI":"10.1145\/3319535.3354224","type":"proceedings-article","created":{"date-parts":[[2019,11,7]],"date-time":"2019-11-07T13:08:32Z","timestamp":1573132112000},"page":"1689-1706","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":32,"title":["Gollum"],"prefix":"10.1145","author":[{"given":"Sean","family":"Heelan","sequence":"first","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}]},{"given":"Tom","family":"Melham","sequence":"additional","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}]},{"given":"Daniel","family":"Kroening","sequence":"additional","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2019,11,6]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Anonymous. 2001. Once Upon a free(). http:\/\/phrack.com\/issues\/57\/9.html.Accessed: 2018-06--28.  Anonymous. 2001. Once Upon a free(). http:\/\/phrack.com\/issues\/57\/9.html.Accessed: 2018-06--28."},{"key":"e_1_3_2_2_2_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium, NDSS. http:\/\/www.isoc.org\/isoc\/conferences\/ndss\/11\/pdf\/5_5.pdf","author":"Avgerinos Thanassis","year":"2011","unstructured":"Thanassis Avgerinos , Sang Kil Cha , Brent Lim Tze Hao , and David Brumley . 2011 . AEG: Automatic Exploit Generation . In Proceedings of the Network and Distributed System Security Symposium, NDSS. http:\/\/www.isoc.org\/isoc\/conferences\/ndss\/11\/pdf\/5_5.pdf Thanassis Avgerinos, Sang Kil Cha, Brent Lim Tze Hao, and David Brumley. 2011.AEG: Automatic Exploit Generation. In Proceedings of the Network and Distributed System Security Symposium, NDSS. http:\/\/www.isoc.org\/isoc\/conferences\/ndss\/11\/pdf\/5_5.pdf"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"crossref","unstructured":"Lorenzo Cavallaro Prateek Saxena and R. Sekar. 2008. On the Limits of Information Flow Techniques for Malware Analysis and Containment. In Detection of Intrusions and Malware and Vulnerability Assessment Diego Zamboni (Ed.). Springer Berlin Heidelberg 143--163.  Lorenzo Cavallaro Prateek Saxena and R. Sekar. 2008. On the Limits of Information Flow Techniques for Malware Analysis and Containment. In Detection of Intrusions and Malware and Vulnerability Assessment Diego Zamboni (Ed.). Springer Berlin Heidelberg 143--163.","DOI":"10.1007\/978-3-540-70542-0_8"},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"e_1_3_2_2_5_1","volume-title":"Proceedings of USENIX Security Symposium. USENIX.https:\/\/www.microsoft.com\/en-us\/research\/publication\/non-control-data-attacks-are-realistic-threats\/","author":"Chen Shuo","unstructured":"Shuo Chen , Jun Xu , Emre C. Sezer , Prachi Gauriar , and Ravishankar K . Iyer.2005. Non-Control-Data Attacks Are Realistic Threats . In Proceedings of USENIX Security Symposium. USENIX.https:\/\/www.microsoft.com\/en-us\/research\/publication\/non-control-data-attacks-are-realistic-threats\/ Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer.2005. Non-Control-Data Attacks Are Realistic Threats. In Proceedings of USENIX Security Symposium. USENIX.https:\/\/www.microsoft.com\/en-us\/research\/publication\/non-control-data-attacks-are-realistic-threats\/"},{"key":"e_1_3_2_2_6_1","unstructured":"DARPA. 2016. Cyber Grand Challenge. http:\/\/archive.darpa.mil\/cybergrandchallenge\/. Accessed: 2018-06--28.  DARPA. 2016. Cyber Grand Challenge. http:\/\/archive.darpa.mil\/cybergrandchallenge\/. Accessed: 2018-06--28."},{"key":"e_1_3_2_2_7_1","unstructured":"David Tomaschik. 2017. GOT and PLT forpwning. https:\/\/systemoverlord.com\/2017\/03\/19\/got-and-plt-for-pwning.html. Accessed:2019-05-09.  David Tomaschik. 2017. GOT and PLT forpwning. https:\/\/systemoverlord.com\/2017\/03\/19\/got-and-plt-for-pwning.html. Accessed:2019-05-09."},{"key":"e_1_3_2_2_8_1","unstructured":"david942j. [n. d.]. one_gadget. https:\/\/github.com\/david942j\/one_gadget. Accessed: 2019-05-09.  david942j. [n. d.]. one_gadget. https:\/\/github.com\/david942j\/one_gadget. Accessed: 2019-05-09."},{"key":"e_1_3_2_2_9_1","volume-title":"27th USENIX Security Symposium(USENIX Security 18)","author":"Eckert Moritz","year":"2018","unstructured":"Moritz Eckert , Antonio Bianchi , Ruoyu Wang , Yan Shoshitaishvili , Christopher Kruegel , and Giovanni Vigna . 2018 . Heap Hopper: Bringing Bounded Model Checking to Heap Implementation Security . In 27th USENIX Security Symposium(USENIX Security 18) . USENIX Association, Baltimore, MD, 99--116. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/eckert Moritz Eckert, Antonio Bianchi, Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna. 2018. Heap Hopper: Bringing Bounded Model Checking to Heap Implementation Security. In 27th USENIX Security Symposium(USENIX Security 18). USENIX Association, Baltimore, MD, 99--116. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/eckert"},{"key":"e_1_3_2_2_10_1","first-page":"2171","volume":"13","author":"Fortin F\u00e9lix-Antoine","unstructured":"F\u00e9lix-Antoine Fortin , Fran\u00e7ois-Michel De Rainville , Marc-Andr\u00e9 Gardner , Marc Parizeau , and Christian Gagn\u00e9 . 2012. DEAP: Evolutionary Algorithms Made Easy . Journal of Machine Learning Research 13 (July 2012), 2171 -- 2175 . F\u00e9lix-Antoine Fortin, Fran\u00e7ois-Michel De Rainville, Marc-Andr\u00e9 Gardner, Marc Parizeau, and Christian Gagn\u00e9. 2012. DEAP: Evolutionary Algorithms Made Easy. Journal of Machine Learning Research 13 (July 2012), 2171--2175.","journal-title":"Machine Learning Research"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274723"},{"key":"e_1_3_2_2_12_1","volume-title":"Genetic Algorithms in Search, Optimization and Machine Learning","author":"Goldberg David E.","unstructured":"David E. Goldberg . 1989. Genetic Algorithms in Search, Optimization and Machine Learning ( 1 st ed.). Addison-Wesley . David E. Goldberg. 1989. Genetic Algorithms in Search, Optimization and Machine Learning(1st ed.). Addison-Wesley.","edition":"1"},{"key":"e_1_3_2_2_13_1","volume-title":"Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities. Master's thesis","author":"Heelan Sean","unstructured":"Sean Heelan . 2009. Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities. Master's thesis . University of Oxford. Sean Heelan. 2009. Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities. Master's thesis. University of Oxford."},{"key":"e_1_3_2_2_14_1","volume-title":"Automatic Heap Layout Manipulation for Exploitation. In 27th USENIX Security Symposium (USENIX Security 18)","author":"Heelan Sean","year":"2018","unstructured":"Sean Heelan , Tom Melham , and Daniel Kroening . 2018 . Automatic Heap Layout Manipulation for Exploitation. In 27th USENIX Security Symposium (USENIX Security 18) . USENIX Association, Baltimore, MD, 763--779. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/heelan Sean Heelan, Tom Melham, and Daniel Kroening. 2018. Automatic Heap Layout Manipulation for Exploitation. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 763--779. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/heelan"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831155"},{"key":"e_1_3_2_2_16_1","volume-title":"Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. In 2016 IEEE Symposium on Security and Privacy (SP). 969--986","author":"Hu H.","year":"2016","unstructured":"H. Hu , S. Shinde , S. Adrian , Z. L. Chua , P. Saxena , and Z. Liang . 2016 . Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. In 2016 IEEE Symposium on Security and Privacy (SP). 969--986 . https:\/\/doi.org\/10.1109\/SP. 2016 .62 10.1109\/SP.2016.62 H. Hu, S. Shinde, S. Adrian, Z. L. Chua, P. Saxena, and Z. Liang. 2016. Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. In 2016 IEEE Symposium on Security and Privacy (SP). 969--986. https:\/\/doi.org\/10.1109\/SP.2016.62"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243739"},{"key":"e_1_3_2_2_18_1","unstructured":"Yeongjin Jang. 2016. Integer Overflow Vulnerabilities in Language Interpreters. https:\/\/gts3.org\/2016\/lang-bug.html. Accessed: 2019-05-09.  Yeongjin Jang. 2016. Integer Overflow Vulnerabilities in Language Interpreters. https:\/\/gts3.org\/2016\/lang-bug.html. Accessed: 2019-05-09."},{"key":"e_1_3_2_2_19_1","unstructured":"jp. 2003. Advanced Doug Lea's Malloc Exploits. http:\/\/phrack.com\/issues\/61\/6.html.  jp. 2003. Advanced Doug Lea's Malloc Exploits. http:\/\/phrack.com\/issues\/61\/6.html."},{"key":"e_1_3_2_2_20_1","volume-title":"Parallel Problem Solving from Nature - PPSN VII, Juan Juli\u00e1n Merelo Guerv\u00f3s, Panagiotis Adamidis, Hans-Georg Beyer, Hans-Paul Schwefel, and Jos\u00e9-Luis Fern\u00e1ndez-Villaca\u00f1as (Eds.)","author":"Luke Sean","unstructured":"Sean Luke and Liviu Panait . 2002. Fighting Bloat with Nonparametric Parsimony Pressure . In Parallel Problem Solving from Nature - PPSN VII, Juan Juli\u00e1n Merelo Guerv\u00f3s, Panagiotis Adamidis, Hans-Georg Beyer, Hans-Paul Schwefel, and Jos\u00e9-Luis Fern\u00e1ndez-Villaca\u00f1as (Eds.) . Springer , 411--421. Sean Luke and Liviu Panait. 2002. Fighting Bloat with Nonparametric Parsimony Pressure. In Parallel Problem Solving from Nature - PPSN VII, Juan Juli\u00e1n Merelo Guerv\u00f3s, Panagiotis Adamidis, Hans-Georg Beyer, Hans-Paul Schwefel, and Jos\u00e9-Luis Fern\u00e1ndez-Villaca\u00f1as (Eds.). Springer, 411--421."},{"key":"e_1_3_2_2_21_1","unstructured":"MaXX. 2001. Vudo Malloc Tricks. http:\/\/phrack.com\/issues\/57\/8.html.  MaXX. 2001. Vudo Malloc Tricks. http:\/\/phrack.com\/issues\/57\/8.html."},{"key":"e_1_3_2_2_22_1","volume-title":"DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes. In Blackhat USA","author":"Mothe Rohit","year":"2016","unstructured":"Rohit Mothe and Rodrigo Rubira Branco . 2016 . DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes. In Blackhat USA 2016. Rohit Mothe and Rodrigo Rubira Branco. 2016. DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes. In Blackhat USA 2016."},{"key":"e_1_3_2_2_23_1","unstructured":"Phantasmal Phantasmagoria. 2004. Exploiting the Wilderness. https:\/\/seclists.org\/vuln-dev\/2004\/Feb\/25. Accessed: 2018-06--28.  Phantasmal Phantasmagoria. 2004. Exploiting the Wilderness. https:\/\/seclists.org\/vuln-dev\/2004\/Feb\/25. Accessed: 2018-06--28."},{"key":"e_1_3_2_2_24_1","unstructured":"Phantasmal Phantasmagoria. 2005. The Malloc Maleficarum. http:\/\/seclists.org\/bugtraq\/2005\/Oct\/118. Accessed: 2018-06--28.  Phantasmal Phantasmagoria. 2005. The Malloc Maleficarum. http:\/\/seclists.org\/bugtraq\/2005\/Oct\/118. Accessed: 2018-06--28."},{"key":"e_1_3_2_2_25_1","unstructured":"Gabe Pike. 2017. Python Sandbox Escape. https:\/\/hackernoon.com\/python-sandbox-escape-via-a-memory-corruption-bug-19dde4d5fea5.Ac-cessed: 2019-05-09.  Gabe Pike. 2017. Python Sandbox Escape. https:\/\/hackernoon.com\/python-sandbox-escape-via-a-memory-corruption-bug-19dde4d5fea5.Ac-cessed: 2019-05-09."},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3139337.3139346"},{"key":"e_1_3_2_2_27_1","volume-title":"Exploiting format string vulnerabilities","unstructured":"scut. 2001. Exploiting format string vulnerabilities . http:\/\/julianor.tripod.com\/bc\/formatstring-1.2.pdf. Accessed: 2019-05-09. scut. 2001. Exploiting format string vulnerabilities. http:\/\/julianor.tripod.com\/bc\/formatstring-1.2.pdf. Accessed: 2019-05-09."},{"key":"e_1_3_2_2_28_1","unstructured":"Shopify. [n. d.]. HackerOne shopify-scripts Bug Bounty Program. https:\/\/hackerone.com\/shopify-scripts. Accessed: 2019-05-09.  Shopify. [n. d.]. HackerOne shopify-scripts Bug Bounty Program. https:\/\/hackerone.com\/shopify-scripts. Accessed: 2019-05-09."},{"key":"e_1_3_2_2_29_1","unstructured":"Solar Designer. 2000. JPEG COM Marker Processing Vulnerability (in Netscape Browsers and Microsoft Products) and a Generic Heap-Based Buffer Overflow Exploitation Technique. http:\/\/www.openwall.com\/articles\/JPEG-COM-Marker-Vulnerability. Accessed: 2018-06--28.  Solar Designer. 2000. JPEG COM Marker Processing Vulnerability (in Netscape Browsers and Microsoft Products) and a Generic Heap-Based Buffer Overflow Exploitation Technique. http:\/\/www.openwall.com\/articles\/JPEG-COM-Marker-Vulnerability. Accessed: 2018-06--28."},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243847"},{"key":"e_1_3_2_2_31_1","volume-title":"FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities. In 27th USENIX Security Symposium (USENIX Security 18)","author":"Wu Wei","year":"2018","unstructured":"Wei Wu , Yueqi Chen , Jun Xu , Xinyu Xing , Xiaorui Gong , and Wei Zou . 2018 . FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities. In 27th USENIX Security Symposium (USENIX Security 18) . USENIX Association, Baltimore, MD, 781--797. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/wu-wei Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Xiaorui Gong, and Wei Zou. 2018. FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 781--797. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/wu-wei"},{"key":"e_1_3_2_2_32_1","unstructured":"Mikal Zalewksi. [n. d.]. AFL. http:\/\/lcamtuf.coredump.cx\/afl\/.  Mikal Zalewksi. [n. d.]. AFL. http:\/\/lcamtuf.coredump.cx\/afl\/."}],"event":{"name":"CCS '19: 2019 ACM SIGSAC Conference on Computer and Communications Security","location":"London United Kingdom","acronym":"CCS '19","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3319535.3354224","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3319535.3354224","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:24:03Z","timestamp":1750202643000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3319535.3354224"}},"subtitle":["Modular and Greybox Exploit Generation for Heap Overflows in Interpreters"],"short-title":[],"issued":{"date-parts":[[2019,11,6]]},"references-count":32,"alternative-id":["10.1145\/3319535.3354224","10.1145\/3319535"],"URL":"https:\/\/doi.org\/10.1145\/3319535.3354224","relation":{},"subject":[],"published":{"date-parts":[[2019,11,6]]},"assertion":[{"value":"2019-11-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}