Abstract
Temporal memory safety bugs, especially use-after-free and double free bugs, pose a major security threat to C programs. Real-world exploits utilizing these bugs enable attackers to read and write arbitrary memory locations, causing disastrous violations of confidentiality, integrity, and availability. Many previous solutions retrofit temporal memory safety to C, but they all incur high performance overhead, miss certain types of temporal memory safety bugs, or both.
In this paper, we propose a temporal memory safety solution that is both efficient and comprehensive. Specifically, we extend Checked C, a spatially-safe extension to C, with temporally-safe pointers. These are implemented by combining two techniques: fat pointers and dynamic key-lock checks. We show that the fat-pointer solution significantly improves running time and memory overhead compared to the disjoint-metadata approach that provides the same level of protection. With empirical program data and hands-on experience porting real-world applications, we also show that our solution is practical in terms of backward compatibility---one of the major complaints about fat pointers.
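The abstract describes the mechanism only at a high level: a fat pointer carries a key and the location of a lock, and a dynamic check compares the two before every dereference. The following C program is an added illustration written for this page, not code from the paper or from Checked C, and its layout and names (`mm_ptr`, `mm_alloc`, `mm_free`, `mm_deref`, `demo`) are assumptions. It also assumes lock words live in a separate arena that is never reused, so a check through a dangling pointer always reads a valid lock slot; the real design may place locks differently. Freeing an object rewrites its lock, which retires every copy of the fat pointer at once, so both a use-after-free through an alias and a double free are caught.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative fat pointer (assumed layout, not Checked C's actual one): the raw
   address, the key issued at allocation time, and the address of the object's lock. */
typedef struct {
    void     *ptr;
    uint64_t  key;
    uint64_t *lock;
} mm_ptr;

/* Lock words are kept in a separate arena that is never reused (an assumption of
   this example), so a stale pointer's check always reads a valid lock slot. */
#define LOCK_ARENA_SIZE 1024
#define LOCK_FREED      0            /* value a lock takes once its object is freed */
static uint64_t lock_arena[LOCK_ARENA_SIZE];
static size_t   locks_used = 0;
static uint64_t next_key   = 1;      /* keys start at 1 and are never reissued */

/* Allocate an object, hand out a fresh key, and store that key in a new lock word. */
mm_ptr mm_alloc(size_t size) {
    mm_ptr p = { NULL, 0, NULL };
    if (locks_used == LOCK_ARENA_SIZE) return p;      /* arena exhausted */
    void *raw = malloc(size);
    if (!raw) return p;
    uint64_t *lock = &lock_arena[locks_used++];
    *lock  = next_key++;
    p.ptr  = raw;
    p.key  = *lock;
    p.lock = lock;
    return p;
}

/* The dynamic key-lock check: a pointer is live iff its key still matches its lock. */
int mm_is_live(mm_ptr p) {
    return p.ptr != NULL && p.lock != NULL && *p.lock == p.key;
}

/* Freeing invalidates the lock; every copy of the fat pointer fails its check afterwards.
   Returns 1 on success, 0 if the pointer was already dead (double free or dangling). */
int mm_free(mm_ptr p) {
    if (!mm_is_live(p)) return 0;
    *p.lock = LOCK_FREED;
    free(p.ptr);
    return 1;
}

/* Checked dereference: the raw address if the check passes, NULL otherwise. */
void *mm_deref(mm_ptr p) {
    return mm_is_live(p) ? p.ptr : NULL;
}

/* Demonstration on constructed input: a use-after-free through an alias and a
   double free, both rejected by the check. Returns 3 when all three outcomes hold. */
int demo(void) {
    mm_ptr a = mm_alloc(16);
    mm_ptr alias = a;                                  /* second copy of the fat pointer */
    char *buf = (char *)mm_deref(a);
    if (!buf) return -1;
    strcpy(buf, "hello");                              /* legitimate use while live */
    int freed_once   = mm_free(a);                     /* 1: first free succeeds */
    int uaf_caught   = (mm_deref(alias) == NULL);      /* 1: alias now fails the check */
    int dfree_caught = (mm_free(alias) == 0);          /* 1: second free is refused */
    return freed_once + uaf_caught + dfree_caught;
}

int main(void) {
    printf("demo result: %d (3 means UAF and double free were both caught)\n", demo());
    return 0;
}
```

Because keys are never reissued, a later allocation that happens to reuse the same raw address receives a different key, so the stale copy still mismatches. The cost visible here is the point the abstract makes: the fat pointer is three words instead of one, in exchange for a check that needs no lookup in a disjoint metadata table.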
Fat Pointers for Temporal Memory Safety of C