DOI: 10.1145/1029894.1029913
Article

An efficient and backwards-compatible transformation to ensure memory safety of C programs

Published: 31 October 2004

Abstract

Memory-related errors, such as buffer overflows and dangling pointers, remain one of the principal reasons for failures of C programs. As a result, a number of recent research efforts have focused on the problem of dynamic detection of memory errors in C programs. However, existing approaches suffer from one or more of the following problems: inability to detect all memory errors (e.g., Purify), requiring non-trivial modifications to existing C programs (e.g., Cyclone), changing the memory management model of C to use garbage collection (e.g., CCured), and excessive performance overheads. In this paper, we present a new approach that addresses these problems. Our approach operates via source code transformation and combines efficient data-structures with simple, localized optimizations to obtain good performance.

References

[1] Anonymous. SPEC CINT Benchmark. Standard Performance Evaluation Corporation. http://www.specbench.org/.
[2] T. M. Austin, S. E. Breach, and G. S. Sohi. Efficient detection of all pointer and array access errors. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 290--301, June 1994.
[3] K. Avijit, P. Gupta, and D. Gupta. TIED, LibsafePlus: Tools for runtime buffer overflow protection. In USENIX Security Symposium, pages 45--55, 2004.
[4] A. Baratloo, N. Singh, and T. Tsai. Transparent run-time defense against stack smashing attacks. In USENIX Annual Technical Conference, pages 251--262, Berkeley, CA, June 2000.
[5] S. Bhatkar, D. C. DuVarney, and R. Sekar. Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In USENIX Security Symposium, Washington, DC, August 2003.
[6] H. Boehm and M. Weiser. Garbage collection in an uncooperative environment. Software - Practice and Experience, pages 807--820, 1988.
[7] M. C. Carlisle and A. Rogers. Software caching and computation migration in Olden. In ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming (PPoPP), pages 29--38, Santa Barbara, CA, USA, 1995. ACM Press.
[8] T. Chiueh and F. Hsu. RAD: A compile-time solution to buffer overflow attacks. In International Conference on Distributed Computing Systems (ICDCS), April 2001.
[9] J. Condit, M. Harren, S. McPeak, G. C. Necula, and W. Weimer. CCured in the real world. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 232--244, June 2003.
[10] C. Cowan, M. Barringer, S. Beattie, and G. Kroah-Hartman. FormatGuard: Automatic protection from printf format string vulnerabilities. In USENIX Security Symposium, 2001.
[11] C. Cowan, S. Beattie, J. Johansen, and P. Wagle. PointGuard: Protecting pointers from buffer overflow vulnerabilities. In USENIX Security Symposium, Washington, D.C., August 2003.
[12] C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. Automatic detection and prevention of buffer-overflow attacks. In USENIX Security Symposium, January 1998.
[13] N. Dor, M. Rodeh, and M. Sagiv. CSSV: Towards a realistic tool for statically detecting all buffer overflows in C. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), San Diego, CA, June 2003.
[14] H. Etoh and K. Yoda. Protecting from stack-smashing attacks. Published on the World-Wide Web, June 2000.
[15] J. S. Foster, M. Fähndrich, and A. Aiken. A theory of type qualifiers. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), Atlanta, GA, May 1999.
[16] V. Ganapathy, S. Jha, D. Chandler, D. Melski, and D. Vitek. Buffer overrun detection using linear programming and static analysis. In ACM Conference on Computer and Communications Security (CCS), pages 345--354, 2003.
[17] R. Hastings and B. Joyce. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter USENIX Conference, pages 125--136, 1992.
[18] E. Haugh and M. Bishop. Testing C programs for buffer overflow vulnerabilities. In Network and Distributed System Security Symposium (NDSS), February 2003.
[19] T. Jim, G. Morrisett, D. Grossman, M. Hicks, J. Cheney, and Y. Wang. Cyclone: A safe dialect of C. In USENIX Annual Technical Conference, June 2002.
[20] R. W. M. Jones and P. H. J. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. In International Workshop on Automated and Algorithmic Debugging, pages 13--26, 1997.
[21] S. Kaufer, R. Lopez, and S. Pratap. Saber-C: An interpreter-based programming environment for the C language. In Proceedings of the Summer USENIX Conference, pages 161--171, 1988.
[22] S. C. Kendall. BCC: Run-time checking for C programs. In Proceedings of the USENIX Summer Conference, El Cerrito, California, USA, 1983. USENIX Association.
[23] D. Larochelle and D. Evans. Statically detecting likely buffer overflow vulnerabilities. In USENIX Security Symposium, pages 177--190, 2001.
[24] A. Loginov, S. H. Yong, S. Horwitz, and T. Reps. Debugging via run-time type checking. In Fundamental Approaches to Software Engineering, 2001.
[25] S. McPeak, G. C. Necula, S. P. Rahul, and W. Weimer. CIL: Intermediate language and tools for C program analysis and transformation. In Conference on Compiler Construction, pages 213--228, 2002.
[26] G. C. Necula, S. McPeak, and W. Weimer. CCured: Type-safe retrofitting of legacy code. In ACM Symposium on Principles of Programming Languages (POPL), pages 128--139, January 2002.
[27] Y. Oiwa, T. Sekiguchi, E. Sumii, and A. Yonezawa. Fail-safe ANSI-C compiler: An approach to making C programs secure (progress report). In International Symposium on Software Security, number 2609 in LNCS, pages 133--153. Springer-Verlag, 2002.
[28] H. Patil and C. N. Fischer. Low-cost, concurrent checking of pointer and array accesses in C programs. Software - Practice and Experience, 27(1):87--110, 1997.
[29] H. G. Patil and C. N. Fischer. Efficient run-time monitoring using shadow processing. In International Workshop on Automated and Algorithmic Debugging, 1995.
[30] R. Rugina and M. Rinard. Symbolic bounds analysis of pointers, array indices, and accessed memory regions. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 182--195. ACM Press, 2000.
[31] O. Ruwase and M. S. Lam. A practical dynamic buffer overflow detector. In Network and Distributed System Security Symposium (NDSS), pages 159--169, February 2004.
[32] M. Siff, S. Chandra, T. Ball, K. Kunchithapadam, and T. Reps. Coping with type casts in C. In ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE), pages 180--198. Springer-Verlag, 1999.
[33] J. L. Steffen. Adding run-time checking to the portable C compiler. Software - Practice and Experience, 22(4):305--316, April 1992.
[34] K.-S. Lhee and S. J. Chapin. Type-assisted dynamic buffer overflow detection. In USENIX Security Symposium, pages 81--88, 2002.
[35] D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Network and Distributed System Security Symposium (NDSS), 2000.
[36] Y. Xie, A. Chou, and D. Engler. ARCHER: Using symbolic, path-sensitive analysis to detect memory access errors. In European Software Engineering Conference / ACM SIGSOFT International Symposium on the Foundations of Software Engineering (ESEC/FSE), pages 327--336. ACM Press, 2003.
[37] S. H. Yong and S. Horwitz. Protecting C programs from attacks via invalid pointer dereferences. In ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE), 2003.

Published In

SIGSOFT '04/FSE-12: Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering (ACM Conferences). October 2004, 282 pages. ISBN: 1581138555. DOI: 10.1145/1029894.

Also in: ACM SIGSOFT Software Engineering Notes, Volume 29, Issue 6. November 2004, 275 pages. ISSN: 0163-5948. DOI: 10.1145/1041685.

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. C
  2. memory safety
  3. program transformation

Qualifiers

  • Article

Conference

SIGSOFT '04/FSE-12

Acceptance Rates

Overall Acceptance Rate 17 of 128 submissions, 13%

Article Metrics

  • Downloads (Last 12 months)28
  • Downloads (Last 6 weeks)2
Reflects downloads up to 09 Jan 2025

Cited By

  • (2023) A Smart Status Based Monitoring Algorithm for the Dynamic Analysis of Memory Safety. ACM Transactions on Software Engineering and Methodology 33(4):1-47. DOI: 10.1145/3637227. Online publication date: 11-Dec-2023.
  • (2023) CGuard: Scalable and Precise Object Bounds Protection for C. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, pages 1307-1318. DOI: 10.1145/3597926.3598137. Online publication date: 12-Jul-2023.
  • (2023) HWASanIO: Detecting C/C++ Intra-object Overflows with Memory Shading. Proceedings of the 12th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis, pages 27-33. DOI: 10.1145/3589250.3596139. Online publication date: 6-Jun-2023.
  • (2023) Accelerating Type Confusion Detection by Identifying Harmless Type Castings. Proceedings of the 20th ACM International Conference on Computing Frontiers, pages 91-100. DOI: 10.1145/3587135.3592205. Online publication date: 9-May-2023.
  • (2023) Fat Pointers for Temporal Memory Safety of C. Proceedings of the ACM on Programming Languages 7(OOPSLA1):316-347. DOI: 10.1145/3586038. Online publication date: 6-Apr-2023.
  • (2023) A Source-Level Instrumentation Framework for the Dynamic Analysis of Memory Safety. IEEE Transactions on Software Engineering 49(4):2107-2127. DOI: 10.1109/TSE.2022.3210580. Online publication date: 1-Apr-2023.
  • (2023) ABSLearn: A GNN-based framework for aliasing and buffer-size information retrieval. Pattern Analysis and Applications 26(3):1171-1189. DOI: 10.1007/s10044-023-01142-2. Online publication date: 19-Feb-2023.
  • (2022) MetaSys: A Practical Open-source Metadata Management System to Implement and Evaluate Cross-layer Optimizations. ACM Transactions on Architecture and Code Optimization 19(2):1-29. DOI: 10.1145/3505250. Online publication date: 24-Mar-2022.
  • (2022) Automated Use-After-Free Detection and Exploit Mitigation: How Far Have We Gone? IEEE Transactions on Software Engineering 48(11):4569-4589. DOI: 10.1109/TSE.2021.3121994. Online publication date: 1-Nov-2022.
  • (2021) CrypTag: Thwarting Physical and Logical Memory Vulnerabilities using Cryptographically Colored Memory. Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security, pages 200-212. DOI: 10.1145/3433210.3453684. Online publication date: 24-May-2021.
