Title: Fast, compatible, complete memory safety for C programs
Abstract: The lack of memory safety in C/C++ programs is one
of, if not the, most persistent and costly sources of program
exploits. Attacks based on memory corruption can range from the
reading of private data to a complete hostile takeover of a
process. While many solutions to this problem have been proposed,
it is as of yet unsolved: as old memory corruption attacks are
rendered obsolete, new attacks continually spring up. This lack of
success is largely due to the trade-offs that memory safety
solutions make between completeness, compatibility, and overhead.
There is no single solution with all three properties, and a
solution must have all three in order to once-and-for-all solve the
lack of memory safety in C programs: If a solution is incomplete,
attackers will find a workaround. Unless it is backwards compatible
and low-overhead, it will not be deployed in production. My goal
for this thesis was to take an existing system which is close to
having all three properties, and add the missing property. I chose
to work with SoftboundCETS, an LLVM pass which is already complete
and backwards compatible, but has high runtime overhead. In this
thesis, I take SoftboundCETS and heavily optimize its runtimes,
reducing its total overhead by half. I split the original pass into
two separate passes (one to mark which instructions were to be
instrumented and the second to do the actual instrumentation) and
then insert several optimization passes between them. I test my
results on selected benchmarks from SPEC2000 and SPEC2006, and
create a virtual machine image which allows my results to be
reliably reproduced. Lastly, I propose a number of further
optimizations which would allow SoftboundCETS to achieve low
enough overhead to be used in a mid-performance production
system.
Publication Year: 2016
Publication Date: 2016-01-01
Language: en
Type: dissertation