Light-weight bounds checking

Niranjan Hasabnis, Ashish Misra, R. Sekar
2012 Proceedings of the Tenth International Symposium on Code Generation and Optimization - CGO '12
Memory errors in C and C++ programs continue to be one of the dominant sources of security problems, accounting for over a third of the high severity vulnerabilities reported in 2011. Widespread deployment of defenses such as address-space layout randomization (ASLR) has made memory exploit development more difficult, but recent trends indicate that attacks are evolving to overcome this defense. Techniques for systematic detection and blocking of memory errors can provide more comprehensive protection that can stand up to skilled adversaries, but unfortunately, these techniques introduce much higher overheads and provide significantly less compatibility than ASLR. We propose a new memory error detection technique that explores a part of the design space that trades off some ability to detect bounds errors in order to obtain good performance and excellent backwards compatibility. On the SPECINT 2000 benchmark, the runtime overhead of our technique is about half of that reported by the fastest previous bounds-checking technique. On the compatibility front, our technique has been tested on over 7 million lines of code, which is much larger than that reported for previous bounds-checking techniques.

research efforts, spanning over a quarter century, have targeted runtime detection of memory errors [18, 34, 15, 6, 29, 17, 16, 25, 32, 38, 12, 13, 26, 5, 22, 39, 3, 23]. These efforts have yielded many practical tools that enjoy widespread use during software testing. However, in order to defend against security exploits, these techniques have to be deployed in operational software. Two factors have so far held this up:
doi:10.1145/2259016.2259034 dblp:conf/cgo/HasabnisMS12 fatcat:kifvp4httbhufatinfkqdbjy3i