US 12,223,040 B2
Blocking routine redirection
David Linde, Fort Lauderdale, FL (US)
Filed by Citrix Systems, Inc., Fort Lauderdale, FL (US)
Filed on Apr. 26, 2021, as Appl. No. 17/240,418.
Application 16/212,934 is a division of application No. 14/808,601, filed on Jul. 24, 2015, granted, now 10,181,030, issued on Jan. 15, 2019.
Application 17/240,418 is a continuation of application No. 16/212,934, filed on Dec. 7, 2018, granted, now 11,017,081.
Prior Publication US 2021/0319097 A1, Oct. 14, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/55 (2013.01); G06F 21/30 (2013.01); G06F 21/52 (2013.01); G06F 21/53 (2013.01)
CPC G06F 21/554 (2013.01) [G06F 21/305 (2013.01); G06F 21/52 (2013.01); G06F 21/53 (2013.01); G06F 2221/033 (2013.01); G06F 2221/2123 (2013.01); G06F 2221/2143 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
enabling detection of a redirection of data being attempted by a call by changing one or more memory permissions of a virtual file system, the call including at least one change to a memory permission of the virtual file system;
detecting, by use of executable code that is executed in response to the call being received, that the call is attempting to redirect data based on an attempt to perform the at least one change to the memory permission of the file system; and
denying the at least one change to the memory permission of the file system;
wherein enabling detection of the redirection comprises:
identifying one or more first system routines that read or write memory permissions associated with the virtual file system;
identifying one or more memory locations of the one or more first system routines; and
exchanging the one or more memory locations with one or more memory locations of one or more second routines, wherein respective ones of the second routines each comprise code that performs the functions of respective ones of the first routines and additional code that detects the redirection of the data.