C++ vtables are heavily used to dispatch virtual function calls. Attackers routinely hijack vtables to divert control flow. In our recent @IEEEEUROSP '21 paper by @MarkusBauer_mkb, we show that statically-linked programs can live (much safer) *without* such vtables. (1/3)
We radically change vtable defenses. We release #NoVT, an #LLVM-based compiler that *replaces* vtables with switch-case constructs that are inherently control-flow safe. To this end, each C++ class gets unique IDs which are used to dispatch the correct method implementations. (2/3)
Instead of protecting vtables, NoVT eliminates them. This is not only simpler, but also more efficient. NoVT is the first vtable defense that does not degrade performance (on average)! Code github.com/novt-vtable-le… and paper publications.cispa.saarland/3364/1/NoVT-fo… here. (3/3)
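The dispatch idea from the thread, as an added hand-written sketch (not NoVT output or code from the paper): an ID field stands in for the vtable pointer and a switch selects the implementation. The `Animal` hierarchy, the ID values and the throwing default case are assumptions made for illustration; the thread does not say how NoVT handles an unexpected ID.

```cpp
#include <cstdint>
#include <cstdio>
#include <stdexcept>

// Hypothetical class IDs; in the scheme described above the compiler assigns them.
enum ClassId : std::uint32_t { ID_ANIMAL = 0, ID_DOG = 1, ID_CAT = 2 };

struct Animal {
    std::uint32_t class_id;  // data field that takes the place of the vtable pointer
    int volume;
};

// One implementation per class (these would be the virtual overrides of speak()).
static int Animal_speak(const Animal *) { return 0; }
static int Dog_speak(const Animal *a) { return a->volume * 2; }
static int Cat_speak(const Animal *a) { return a->volume + 1; }

// Stand-in for the virtual call `a->speak()`. Every reachable target is named
// in the switch, so no attacker-controlled code pointer is ever loaded.
int dispatch_speak(const Animal *a) {
    switch (a->class_id) {
        case ID_ANIMAL: return Animal_speak(a);
        case ID_DOG:    return Dog_speak(a);
        case ID_CAT:    return Cat_speak(a);
        default: throw std::runtime_error("invalid class id");  // assumption of this sketch
    }
}

// Models memory corruption of the ID field: overwrite it, then dispatch.
int speak_after_overwrite(Animal a, std::uint32_t new_id) {
    a.class_id = new_id;
    return dispatch_speak(&a);
}

// True when an ID outside the hierarchy is refused instead of followed.
bool corrupted_id_is_rejected(std::uint32_t bogus) {
    try { speak_after_overwrite(Animal{ID_DOG, 5}, bogus); }
    catch (const std::runtime_error &) { return true; }
    return false;
}

int main() {
    Animal dog{ID_DOG, 3};
    std::printf("dog: %d\n", dispatch_speak(&dog));
    // A forged but valid ID still lands on a legitimate speak() implementation.
    std::printf("dog forged as cat: %d\n", speak_after_overwrite(dog, ID_CAT));
    std::printf("bogus id rejected: %d\n", corrupted_id_is_rejected(0xdeadbeefu));
    return 0;
}
```

Overwriting the ID can still select the wrong class's implementation of the same method, so the guarantee modelled here covers control flow, not type confusion between classes in one hierarchy.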