research-article

Heap bounds protection with low fat pointers

Authors:

Gregory J. Duck,

Roland H. C. YapAuthors Info & Claims

CC 2016: Proceedings of the 25th International Conference on Compiler Construction

Pages 132 - 142

https://doi.org/10.1145/2892208.2892212

Published: 17 March 2016 Publication History

Abstract

Heap buffer overflow (underflow) errors are a common source of security vulnerabilities. One prevention mechanism is to add object bounds meta information and to instrument the program with explicit bounds checks for all memory access. The so-called "fat pointers" approach is one method for maintaining and propagating the meta information where native machine pointers are replaced with "fat" objects that explicitly store object bounds. Another approach is "low fat pointers", which encodes meta information within a native pointer itself, eliminating space overheads and also code compatibility issues. This paper presents a new low-fat pointer encoding that is fully compatible with existing libraries (e.g. pre-compiled libraries unaware of the encoding) and standard hardware (e.g. x86_64). We show that our approach has very low memory overhead, and competitive with existing state-of-the-art bounds instrumentation solutions.

References

[1]

P. Akritidis, M. Costa, M. Castro, and S. Hand. Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense Against Out-of-Bounds Errors. In USENIX Security. USENIX, 2009.

Digital Library

[2]

T. Austin, S. Breach, and G. Sohi. Efficient Detection of All Pointer and Array Access Errors. In Programming Language Design and Implementation. ACM, 1994.

Digital Library

[3]

B. Ding, Y. He, Y. Wu, A. Miller, and J. Criswell. Baggy Bounds with Accurate Checking. In Software Reliability Engineering Workshops, 2012.

Digital Library

[4]

F. Eigler. Mudflap: Pointer Use Checking for C/C++. In GCC Developerś Summit, 2003.

[5]

Intel Corporation. Intel 64 and IA-32 Architectures Optimization Reference Manual, 2016.

[6]

T. Jim, G. Morrisett, D. Grossman, M. Hicks, J. Cheney, and Y. Wang. Cyclone: A Safe Dialect of C. In Annual Technical Conference. USENIX, 2002.

Digital Library

[7]

A. Kwon, U. Dhawan, J. Smith, T. Knight, and A. DeHon. Low-fat Pointers: Compact Encoding and Efficient Gate-level Implementation of Fat Pointers for Spatial Safety and Capability-based Security. In Computer and Communications Security. ACM, 2013.

Digital Library

[8]

LLVM. http://llvm.org, 2016.

[9]

S. Nagarakatte. Practical Low-overhead Enforcement of Memory Safety for C Programs. PhD thesis, 2012.

Digital Library

[10]

S. Nagarakatte, Z. Santosh, M. Jianzhou, M. Milo, and S. Zdancewic. SoftBound: Highly Compatible and Complete Spatial Memory Safety for C. In Programming Language Design and Implementation. ACM, 2009.

Digital Library

[11]

G. Necula, J. Condit, M. Harren, S. McPeak, and W. Weimer. CCured: Type-safe Retrofitting of Legacy Software. Transactions on Programming Languages and Systems, 27(3), 2005.

Digital Library

[12]

O. Ruwase and M. S. Lam. A Practical Dynamic Buffer Overflow Detector. In Network and Distributed System Security, 2004.

[13]

K. Serebryany, D. Bruening, A. Potapenko, and D. Vyukov. Address-Sanitizer: A Fast Address Sanity Checker. In Annual Technical Conference. USENIX, 2012.

Digital Library

[14]

SPEC. https://www.spec.org/cpu2006/, 2016.

[15]

L. Szekeres, M. Payer, T. Wei, and D. Song. SoK: Eternal War in Memory. In Security and Privacy, 2013.

Digital Library

[16]

V. van der Veen, N. Dutt-Sharma, L. Cavallaro, and H. Bos. Memory Errors: The Past, the Present, and the Future. In Research in Attacks, Intrusions, and Defenses. Springer, 2012.

Digital Library

[17]

Y. Younan, P. Philippaerts, L. Cavallaro, R. Sekar, F. Piessens, and W. Joosen. PAriCheck: An Efficient Pointer Arithmetic Checker for C Programs. In Information, Computer and Communications Security. ACM, 2010.

Digital Library

Cited By

Wei JChen P(2024)DSLR–: A low-overhead data structure layout randomization for defending data-oriented programmingJournal of Computer Security10.3233/JCS-23005332:3(221-246)Online publication date: 17-Jun-2024
https://doi.org/10.3233/JCS-230053
Du YGuo YZhang YYang J(2024)RTT-UAF: Reuse Time Tracking for Use-After-Free DetectionProceedings of the 38th ACM International Conference on Supercomputing10.1145/3650200.3656606(376-387)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3650200.3656606
Khan SChatterjee BPande STsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)Pythia: Compiler-Guided Defense Against Non-Control Data AttacksProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3620666.3651343(850-866)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620666.3651343
Show More Cited By

Index Terms

Heap bounds protection with low fat pointers

Recommendations

In-fat pointer: hardware-assisted tagged-pointer spatial memory safety defense with subobject granularity protection
ASPLOS '21: Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems

Programming languages like C and C++ are not memory-safe because they provide programmers with low-level pointer manipulation primitives. The incorrect use of these primitives can result in bugs and security vulnerabilities: for example, spatial memory ...
Low-fat pointers: compact encoding and efficient gate-level implementation of fat pointers for spatial safety and capability-based security
CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Referencing outside the bounds of an array or buffer is a common source of bugs and security vulnerabilities in today's software. We can enforce spatial safety and eliminate these violations by inseparably associating bounds with every pointer (fat ...
Delta pointers: buffer overflow checks without the checks
EuroSys '18: Proceedings of the Thirteenth EuroSys Conference

Despite decades of research, buffer overflows still rank among the most dangerous vulnerabilities in unsafe languages such as C and C++. Compared to other memory corruption vulnerabilities, buffer overflows are both common and typically easy to exploit. ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CC 2016: Proceedings of the 25th International Conference on Compiler Construction

March 2016

270 pages

ISBN:9781450342414

DOI:10.1145/2892208

General Chair:
Ayal Zaks
Intel, Israel / Technion, Israel
,
Program Chair:
Manuel Hermenegildo
IMDEA SW Institute, Spain / T.U. Madrid-UPM, Spain

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

In-Cooperation

IEEE-CS: Computer Society

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 March 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CGO '16

Sponsor:

CGO '16: 14th Annual IEEE/ACM International Symposium on Code Generation and Optimization

March 17 - 18, 2016

Barcelona, Spain

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

55
Total Citations
View Citations
767
Total Downloads

Downloads (Last 12 months)63
Downloads (Last 6 weeks)5

Reflects downloads up to 12 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wei JChen P(2024)DSLR–: A low-overhead data structure layout randomization for defending data-oriented programmingJournal of Computer Security10.3233/JCS-23005332:3(221-246)Online publication date: 17-Jun-2024
https://doi.org/10.3233/JCS-230053
Du YGuo YZhang YYang J(2024)RTT-UAF: Reuse Time Tracking for Use-After-Free DetectionProceedings of the 38th ACM International Conference on Supercomputing10.1145/3650200.3656606(376-387)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3650200.3656606
Khan SChatterjee BPande STsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)Pythia: Compiler-Guided Defense Against Non-Control Data AttacksProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3620666.3651343(850-866)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620666.3651343
Ling HHuang HWang CCai YZhang CTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)GIANTSAN: Efficient Memory Sanitization with Segment FoldingProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 210.1145/3620665.3640391(433-449)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620665.3640391
Ahmed SLiljestrand HJamjoom HHicks MAsokan NYao DCalandrino JTroncoso C(2023)Not all data are created equalProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620318(1433-1450)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620318
Chen ZYan RMa YSui YXue J(2023)A Smart Status Based Monitoring Algorithm for the Dynamic Analysis of Memory SafetyACM Transactions on Software Engineering and Methodology10.1145/363722733:4(1-47)Online publication date: 11-Dec-2023
https://dl.acm.org/doi/10.1145/3637227
Bitchebe SKone YOlivier PBoukhobza JBromberg YHagimont DTchana A(2023)GuaNary: Efficient Buffer Overflow Detection In Virtualized Clouds Using Intel EPT-based Sub-Page Write Protection SupportProceedings of the ACM on Measurement and Analysis of Computing Systems10.1145/36267877:3(1-26)Online publication date: 7-Dec-2023
https://dl.acm.org/doi/10.1145/3626787
Kedia PPurandare RAgarwal URishabh Just RFraser G(2023)CGuard: Scalable and Precise Object Bounds Protection for CProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598137(1307-1318)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598137
Zhang YLiu TSun ZChen ZLi XZuo ZJust RFraser G(2023)Catamaran: Low-Overhead Memory Safety Enforcement via Parallel AccelerationProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598098(816-828)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598098
Hohentanner KKasten FAuer LFerrara PHadarean L(2023)HWASanIO: Detecting C/C++ Intra-object Overflows with Memory ShadingProceedings of the 12th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis10.1145/3589250.3596139(27-33)Online publication date: 6-Jun-2023
https://dl.acm.org/doi/10.1145/3589250.3596139
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents