Lua Debug

Problem

Safe Exception Handling (/SAFESEH) protects the code flow integrity by ensuring that exceptions are handled only by vetted functions. This mitigation protects dynamically constructed exception chains by checking the function targets prior to their execution. Because the code flow integrity is verified during runtime, malicious code is less likely to be able to hijack trusted execution paths. It's highly recommended to enable this option for all software components used at security boundaries, or those that process user controlled inputs. However, this option is only effective on systems that dynamically resolve exception handlers. Most notably, this option is recommended for 32-bit Windows applications that target the Intel x86 platform. Other operating system and platform combinations mitigate exception hijacking risks through the use of statically generated read-only tables.

Problem

Control Flow Guard (CFG/CFI) protects the code flow integrity by ensuring that dynamic calls are made only to vetted functions. Trusted execution paths rely on the ability of the operating system to build a list of valid function targets. Certain functions can intentionally be disallowed to prevent malicious code from deactivating vulnerability mitigation features. A list of such invalid function targets can include publicly exported symbols. Applications that enhance control flow integrity through export suppression rely on libraries to mark their publicly visible symbols as suppressed. This is done for all symbols that are considered to be sensitive functions, and to which access should be restricted. It is considered dangerous to mix applications that perform export suppression with libraries that do not.

Problem

Control Flow Guard (CFG/CFI) protects the code flow integrity by ensuring that indirect calls are made only to vetted functions. This mitigation protects dynamically resolved function targets by instrumenting the code responsible for transferring execution control. Higher-level programming languages implement structured exception handling by managing their own code flow execution paths. As such, they are subject to code flow hijacking during runtime. Language-specific exception handling mitigation enforces execution integrity by instrumenting calls to manage execution context switching. Any deviation from the known and trusted code flow paths will cause the application to terminate. This makes malicious code less likely to execute.

Problem

Control Flow Guard (CFG/CFI) protects the code flow integrity by ensuring that indirect calls are made only to vetted functions. This mitigation protects dynamically resolved function targets by instrumenting the code responsible for transferring execution control. Function pointers that get resolved through import and delayed import address tables do not need to be monitored during application runtime. Instead, it is expected that modern programming language toolchains place those pointers in read-only memory locations. However, the delayed import functions are resolved as they are needed during runtime. To ensure the function pointers remain read-only, the operating system must be made aware if it is safe to re-protect the memory pages that hold them. Modern toolchains typically separate import data from other application regions for this very reason.