More Web Proxy on the site http://driver.im/

Article

CCured in the real world

Authors:

Matthew Harren,

George C. Necula,

Westley WeimerAuthors Info & Claims

PLDI '03: Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation

Pages 232 - 244

https://doi.org/10.1145/781131.781157

Published: 09 May 2003 Publication History

Abstract

CCured is a program transformation system that adds memory safety guarantees to C programs by verifying statically that memory errors cannot occur and by inserting run-time checks where static verification is insufficient.This paper addresses major usability issues in a previous version of CCured, in which many type casts required the use of pointers whose representation was expensive and incompatible with precompiled libraries. We have extended the CCured type inference algorithm to recognize and verify statically a large number of type casts; this goal is achieved by using physical subtyping and pointers with run-time type information to allow parametric and subtype polymorphism. In addition, we present a new instrumentation scheme that splits CCured's metadata into a separate data structure whose shape mirrors that of the original user data. This scheme allows instrumented programs to invoke external functions directly on the program's data without the use of a wrapper function.With these extensions we were able to use CCured on real-world security-critical network daemons and to produce instrumented versions without memory-safety vulnerabilities.

References

[1]

M. Abadi, L. Cardelli, B. Pierce, and G. Plotkin. Dynamic typing in a statically typed language. ACM Transactions on Programming Languages and Systems, 13(2):237--268, April 1991.

Digital Library

[2]

T. M. Austin, S. E. Breach, and G. S. Sohi. Efficient detection of all pointer and array access errors. SIGPLAN Notices, 29(6):290--301, June 1994. Proceedings of the ACM SIGPLAN '94 Conference on Programming Language Design and Implementation.

Digital Library

[3]

M. C. Carlisle. Olden: Parallelizing Programs with Dynamic Data Structures on Distributed-Memory Machines. PhD thesis, Princeton University Department of Computer Science, June 1996.

Digital Library

[4]

R. Cartwright and M. Fagan. Soft typing. In Proceedings of the '91 Conference on Programming Language Design and Implementation, pages 278--292, 1991.

Digital Library

[5]

CERT Coordination Center. Cert advisory ca-2003-12: Buffer overflow in sendmail. http://www.cert.org/advisories/CA-2003-12.html, 2003.

[6]

S. Chandra and T. Reps. Physical type checking for C. In Proceedings of the ACM SIGPLAN SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, volume 24.5 of Software Engeneering Notes (SEN), pages 66--75. ACM Press, Sept. 6 1999.

Digital Library

[7]

J. S. Foster, M. Fähndrich, and A. Aiken. A theory of type qualifiers. In Proceedings of the ACM SIGPLAN '99 Conference on Programming Language Design and Implementation, pages 192--203, Atlanta, Georgia, May 1--4, 1999.

Digital Library

[8]

R. Hastings and B. Joyce. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Usenix Winter 1992 Technical Conference, pages 125--138, Berkeley, CA, USA, Jan. 1991. Usenix Association.

[9]

F. Henglein. Global tagging optimization by type inference. In Proceedings of the 1992 ACM Conference on LISP and Functional Programming, pages 205--215, 1992.

Digital Library

[10]

T. Jim, G. Morrisett, D. Grossman, M. Hicks, J. Cheney, and Y. Wang. Cyclone: A safe dialect of C. In USENIX Annual Technical Conference. Monetery, CA, June 2002.

Digital Library

[11]

R. W. M. Jones and P. H. J. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. AADEBUG, 1997.

[12]

S. Kaufer, R. Lopez, and S. Pratap. Saber-C: an interpreter-based programming environment for the C language. In Proceedings of the Summer Usenix Conference, pages 161--171, 1988.

[13]

A. Kind and H. Friedrich. A practical approach to type inference for EuLisp. Lisp and Symbolic Computation, 6(1/2):159--176, 1993.

Digital Library

[14]

A. Loginov, S. Yong, S. Horwitz, and T. Reps. Debugging via run-time type checking. In Proceedings of FASE 2001: Fundamental Approaches to Software Engineering, Apr. 2001.

Digital Library

[15]

G. C. Necula, S. McPeak, and W. Weimer. CCured: Type-safe retrofitting of legacy code. In The 29th Annual ACM Symposium on Principles of Programming Languages, pages 128--139. ACM, Jan. 2002.

Digital Library

[16]

H. Patil and C. N. Fischer. Efficient run-time monitoring using shadow processing. In Automated and Algorithmic Debugging, pages 119--132, 1995.

[17]

H. Patil and C. N. Fischer. Low-cost, concurrent checking of pointer and array accesses in C~programs. Software---Practice and Experience, 27(1):87--110, Jan. 1997.

Digital Library

[18]

G. Ramalingam, J. Field, and F. Tip. Aggregate structure identification and its application to program analysis. In Symposium on Principles of Programming Languages, pages 119--132, Jan. 1999.

Digital Library

[19]

SecuriTeam.com. PHP3 / PHP4 format string vulnerability.

[20]

J. Seward. Valgrind, an open-source memory debugger for x86-GNU/Linux. Technical report, http://developer.kde.org/~sewardj/, 2003.

[21]

M. Shields, T. Sheard, and S. L. P. Jones. Dynamic typing as staged type inference. In Symposium on Principles of Programming Languages, pages 289--302, 1998.

Digital Library

[22]

M. Siff, S. Chandra, T. Ball, K. Kunchithapadam, and T. Reps. Coping with type casts in C. In 1999 ACM Foundations on Software Engineering Conference (LNCS 1687), volume 1687 of Lecture Notes in Computer Science, pages 180--198. Springer-Verlag / ACM Press, September 1999.

Digital Library

[23]

G. Smith and D. Volpano. A sound polymorphic type system for a dialect of C. Science of Computer Programming, 32(1--3):49--72, 1998.

Digital Library

[24]

SPEC 95. Standard Performance Evaluation Corportation Benchmarks. http://www.spec.org/osg/cpu95/CINT95, July 1995.

[25]

S. Thatte. Quasi-static typing. In Conference record of the 17th ACM Symposium on Principles of Programming Languages (POPL), pages 367--381, 1990.

Digital Library

[26]

D. Wagner, J. Foster, E. Brewer, and A. Aiken. A first step toward automated detection of buffer overrun vulnerabilities. In Network Distributed Systems Security Symposium, pages 1--15, Feb. 2000.

[27]

W. Weimer. The CCured type system and type inference. Technical Report UCB-CS, University of California, Berkeley. http://www.cs.berkeley.edu/~weimer/ TheCCuredTypeSystem.ps, 2002.

[28]

A. Wright and R. Cartwright. A practical soft type system for Scheme. ACM Transactions on Programming Languages and Systems, 1997.

Digital Library

Cited By

DeLozier C(2023)How Close Is Existing C/C++ Code to a Safe Subset?Journal of Cybersecurity and Privacy10.3390/jcp40100014:1(1-22)Online publication date: 28-Dec-2023
https://doi.org/10.3390/jcp4010001
Gui BSong WXiong HHuang J(2022)Automated Use-After-Free Detection and Exploit Mitigation: How Far Have We Gone?IEEE Transactions on Software Engineering10.1109/TSE.2021.312199448:11(4569-4589)Online publication date: 1-Nov-2022
https://doi.org/10.1109/TSE.2021.3121994
Gui BSong WHuang JCadar CZhang X(2021)UAFSan: an object-identifier-based dynamic approach for detecting use-after-free vulnerabilitiesProceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3460319.3464835(309-321)Online publication date: 11-Jul-2021
https://dl.acm.org/doi/10.1145/3460319.3464835
Show More Cited By

Index Terms

CCured in the real world

Recommendations

CCured in the real world

CCured is a program transformation system that adds memory safety guarantees to C programs by verifying statically that memory errors cannot occur and by inserting run-time checks where static verification is insufficient.This paper addresses major ...
CETS: compiler enforced temporal safety for C
ISMM '10

Temporal memory safety errors, such as dangling pointer dereferences and double frees, are a prevalent source of software bugs in unmanaged languages such as C. Existing schemes that attempt to retrofit temporal safety for such languages have high ...
CCured: type-safe retrofitting of legacy code
POPL '02: Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages

In this paper we propose a scheme that combines type inference and run-time checking to make existing C programs type safe. We describe the CCured type system, which extends that of C by separating pointer types according to their usage. This type ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

PLDI '03: Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation

June 2003

360 pages

ISBN:1581136625

DOI:10.1145/781131

General Chair:
Ron Cytron
Washington University, USA
,
Program Chair:
Rajiv Gupta
University of Arizona, USA

ACM SIGPLAN Notices Volume 38, Issue 5
May 2003
349 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/780822
Issue’s Table of Contents

Copyright © 2003 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 May 2003

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

PLDI03

Sponsor:

PLDI03: ACM SIGPLAN Conference on Programming Language Design and Implementation

June 9 - 11, 2003

California, San Diego, USA

Acceptance Rates

PLDI '03 Paper Acceptance Rate 28 of 131 submissions, 21%;

Overall Acceptance Rate 406 of 2,067 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

107
Total Citations
View Citations
1,075
Total Downloads

Downloads (Last 12 months)33
Downloads (Last 6 weeks)11

Reflects downloads up to 11 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

DeLozier C(2023)How Close Is Existing C/C++ Code to a Safe Subset?Journal of Cybersecurity and Privacy10.3390/jcp40100014:1(1-22)Online publication date: 28-Dec-2023
https://doi.org/10.3390/jcp4010001
Gui BSong WXiong HHuang J(2022)Automated Use-After-Free Detection and Exploit Mitigation: How Far Have We Gone?IEEE Transactions on Software Engineering10.1109/TSE.2021.312199448:11(4569-4589)Online publication date: 1-Nov-2022
https://doi.org/10.1109/TSE.2021.3121994
Gui BSong WHuang JCadar CZhang X(2021)UAFSan: an object-identifier-based dynamic approach for detecting use-after-free vulnerabilitiesProceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3460319.3464835(309-321)Online publication date: 11-Jul-2021
https://dl.acm.org/doi/10.1145/3460319.3464835
Mathur UMurali AKrogmeier PMadhusudan PViswanathan M(2019)Deciding memory safety for single-pass heap-manipulating programsProceedings of the ACM on Programming Languages10.1145/33711034:POPL(1-29)Online publication date: 20-Dec-2019
https://dl.acm.org/doi/10.1145/3371103
Sani AAnderson T(2019)The Case for I/O-Device-as-a-ServiceProceedings of the Workshop on Hot Topics in Operating Systems10.1145/3317550.3321446(66-72)Online publication date: 13-May-2019
https://dl.acm.org/doi/10.1145/3317550.3321446
Davis BWatson RRichardson ANeumann PMoore SBaldwin JChisnall DClarke JFilardo NGudka KJoannou ALaurie BMarkettos AMaste JMazzinghi ANapierala ENorton RRoe MSewell PSon SWoodruff JBahar IHerlihy MWitchel ELebeck A(2019)CheriABIProceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3297858.3304042(379-393)Online publication date: 4-Apr-2019
https://dl.acm.org/doi/10.1145/3297858.3304042
Zhang TLee WGao MZhou J(2019) File Guard: automatic format-based media file sanitizationInternational Journal of Information Security10.1007/s10207-019-00440-318:6(701-713)Online publication date: 1-Dec-2019
https://dl.acm.org/doi/10.1007/s10207-019-00440-3
Liu DZhang MWang HLie DMannan MBackes MWang X(2018)A Robust and Efficient Defense against Use-after-Free Exploits via Concurrent Pointer SweepingProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243826(1635-1648)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243826
Lim JGanapathy VNagarakatte SBielova NGaboardi M(2017)Compiler Optimizations with Retrofitting TransformationsProceedings of the 2017 Workshop on Programming Languages and Analysis for Security10.1145/3139337.3139343(37-42)Online publication date: 30-Oct-2017
https://dl.acm.org/doi/10.1145/3139337.3139343
Park JDiniz P(2015)Program-Invariant Checking for Soft-Error Detection using Reconfigurable HardwareACM Transactions on Reconfigurable Technology and Systems10.1145/27515639:1(1-13)Online publication date: 5-Nov-2015
https://dl.acm.org/doi/10.1145/2751563
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents