Abstract
Programs written in C and C++ are susceptible to memory errors, including buffer overflows and dangling pointers. These errors, which can lead to crashes, erroneous execution, and security vulnerabilities, are notoriously costly to repair. Tracking down their location in the source code is difficult, even when the full memory state of the program is available. Once the errors are finally found, fixing them remains challenging: even for critical security-sensitive bugs, the average time between initial reports and the issuance of a patch is nearly 1 month.
We present Exterminator, a system that automatically corrects heap-based memory errors without programmer intervention. Exterminator exploits randomization to pinpoint errors with high precision. From this information, Exterminator derives runtime patches that fix these errors both in current and subsequent executions. In addition, Exterminator enables collaborative bug correction by merging patches generated by multiple users. We present analytical and empirical results that demonstrate Exterminator's effectiveness at detecting and correcting both injected and real faults.
By Gene Novark (University of Massachusetts Amherst), Emery D. Berger (University of Massachusetts Amherst), and Benjamin G. Zorn (Microsoft Research)
Exterminator: Automatically correcting memory errors with high probability