Beyond Spatial and Temporal Memory Safety

Cited by: 7
Authors
Chen, Zhe [1]
Tao, Chuanqi [1]
Zhang, Zhiyi [1]
Yang, Zhibin [1]
Affiliations
[1] Nanjing Univ Aeronaut & Astronaut, Coll Comp Sci & Technol, Nanjing, Jiangsu, Peoples R China
Source
PROCEEDINGS 2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING - COMPANION (ICSE-COMPANION | 2018
Funding
National Natural Science Foundation of China;
Keywords
memory safety; spatial safety; temporal safety; dynamic analysis; C programs; segment errors;
DOI
10.1145/3183440.3195090
Chinese Library Classification number
TP31 [Computer software];
Discipline classification code
081202 ; 0835 ;
Abstract
The unsafe features of C often lead to memory errors that can result in vulnerabilities. Dynamic analysis tools are widely used to detect such errors at runtime and enforce memory safety. It is widely believed that memory safety exactly consists of spatial and temporal safety, thus all existing analysis tools aim at detecting spatial or temporal errors. In this paper, we introduce another class of memory safety, namely segment safety, which has been neglected in previous work. Indeed, state-of-the-art analysis tools cannot detect segment errors. Thus we propose and implement a new approach to detect segment errors at runtime.
Pages: 189 / 190
Page count: 2