DOI: 10.1145/3642974.3652281 (EuroSys conference proceedings, research article, open access)

Validating Memory Safety in Rust Binaries

Published: 22 April 2024

Abstract

Without depending on heavy runtime support, Rust can produce fast machine code that mitigates most of the common memory-corruption attacks that affect unsafe machine code developed in C/C++. Most of the work for producing machine code with security guarantees is carried out at compile time by the Rust compiler. However, at runtime there is no mechanism to ensure that the security guarantees computed at compile time are still in place.
In this paper, we explore the possibility of an attacker fabricating Rust binaries that are deliberately vulnerable. We show that it is possible to automatically, and at large scale, modify binaries so that certain defences placed by the Rust compiler are removed. We introduce a generic problem and focus on the concepts of spatial and temporal safety. Finally, we produce a validator that assesses whether all checks ensuring spatial and temporal safety remain intact within a Rust binary before executing it. Our work is a step towards validating Rust binaries at load time, so that security guarantees computed at compile time are effective at runtime.

Published In

EuroSec '24: Proceedings of the 17th European Workshop on Systems Security, April 2024, 60 pages. ISBN: 9798400705427. DOI: 10.1145/3642974
Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

  1. Buffer Overflow
  2. Memory Safety
  3. Rust
  4. Static Analysis

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

EuroSys '24
Acceptance Rates

Overall Acceptance Rate 47 of 113 submissions, 42%