Hardware Support for Low-Cost Memory Safety

Detailed bibliography

Published in: 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S), pp. 57 - 60
Main authors: Boivie, Rick; Saileshwar, Gururaj; Chen, Tong; Segal, Benjamin; Buyuktosunoglu, Alper
Format: Conference paper
Language: English
Publisher: IEEE, 01.06.2021
Description

Summary: Programs written in C/C++ are vulnerable to memory-safety errors like buffer overflows and use-after-free. While several mechanisms to detect such errors have been previously proposed, they suffer from a variety of drawbacks including poor performance, imprecise or probabilistic detection of errors, or requiring invasive changes to the binary layout or source code. Consequently, memory-safety errors continue to exist in production software and are a principal cause of security problems. In our project at IBM, we worked on a minimally invasive and low-cost hardware-based bounds-checking framework for preventing out-of-bounds accesses and use-after-free errors. The key idea is to re-purpose "unused bits" in a pointer to store an index into a bounds-information table that can be used to catch out-of-bounds errors and use-after-free errors without any change to the binary layout. Using this bounds-checking framework, we implement a design for preventing out-of-bounds accesses and use-after-free for heap objects, which are responsible for the majority of memory-safety errors in the wild.
DOI:10.1109/DSN-S52858.2021.00032