Heap Feng Shui in JavaScript

Heap Feng Shui is a new technique for precise manipulation of the browser heap layout using specific sequences of JavaScript allocations. This is implemented as a JavaScript library with functions for setting up the heap in a controlled state before triggering a heap corruption bug. Using this technique makes it possible to exploit very difficult heap corruption vulnerabilities with great reliability and precision.


This paper was presented at BlackHat Europe 2007.