SMA: Eliminate Memory Spatial Errors via Saturation Memory Access

by Dongwei Chen, et al.

Memory spatial errors, i.e., buffer overflows, have been a well-known issue in computer security for a long time and remain one of the root causes of exploitable vulnerabilities. Existing tools focus on the detection of memory spatial errors and prevent intrusion by terminating the execution of the victim program. However, such tools cannot eliminate the vulnerabilities without patching the program. Unfortunately, in the increasingly popular embedded environment, deploying patches becomes harder because of the enormous number of devices. The limited resources of the embedded environment also prevent many existing tools from being used in the real world. This paper proposes Saturation Memory Access (SMA), a memory spatial error elimination tool that prevents out-of-bounds access without terminating the execution of a program. We use the tagged pointer scheme to store the boundary metadata of a memory object in the pointer itself, and correct the address to the object boundary upon detecting an out-of-bounds access. This method is based on the key observation that developers generally do not rely on out-of-bounds access to implement program logic, so correcting the address does not interfere with the execution of a program. We have implemented a prototype of SMA on LLVM 4.0.1 with two pointer encoding schemes designed for different tradeoffs between performance and memory usage. Experiments show that our prototype can stop nearly all attack forms in the RIPE benchmark and incurs 64%-84% overhead on SPEC CPU2017.
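The saturation idea described in the abstract, as an added C sketch that is not code from the paper or its LLVM prototype. The pointer encoding is an assumption made for illustration (log2 of a power-of-two, size-aligned object kept in the top 8 bits); the abstract does not specify the paper's two encodings, and all names here (`sma_tag`, `sma_add`, `sma_raw`, `sma_demo_copy`) are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* ASSUMED encoding (illustrative, not the paper's): bits 63..56 = log2(size);
   objects are power-of-two sized and size-aligned, so base = addr & ~(size-1). */
#define TAG_SHIFT 56
#define ADDR_MASK ((UINT64_C(1) << TAG_SHIFT) - 1)
typedef uint64_t sma_ptr;

static sma_ptr sma_tag(void *obj, unsigned log2_size) {
    return ((uint64_t)log2_size << TAG_SHIFT) | ((uint64_t)(uintptr_t)obj & ADDR_MASK);
}
static uint8_t *sma_raw(sma_ptr p) {            /* strip the tag before dereferencing */
    return (uint8_t *)(uintptr_t)(p & ADDR_MASK);
}
/* Pointer arithmetic that saturates at the first/last byte of the object. */
static sma_ptr sma_add(sma_ptr p, int64_t off) {
    uint64_t tag = p >> TAG_SHIFT, size = UINT64_C(1) << tag;
    uint64_t addr = p & ADDR_MASK, base = addr & ~(size - 1);
    uint64_t cur = addr - base;                  /* current offset inside the object */
    if (off < 0) {
        uint64_t back = 0 - (uint64_t)off;       /* magnitude; safe for INT64_MIN */
        cur = back > cur ? 0 : cur - back;
    } else {
        uint64_t room = size - 1 - cur;
        cur = (uint64_t)off > room ? size - 1 : cur + (uint64_t)off;
    }
    return (tag << TAG_SHIFT) | (base + cur);
}

/* Constructed sample memory: a 16-byte object with an adjacent neighbour. */
static _Alignas(16) struct { uint8_t buf[16]; uint8_t neighbour[16]; } mem;

/* Unbounded copy loop routed through sma_add; returns 1 if neighbour is intact. */
static int sma_demo_copy(const uint8_t *src, size_t n) {
    memset(&mem, 0, sizeof mem);
    sma_ptr p = sma_tag(mem.buf, 4);             /* 2^4 = 16-byte object */
    for (size_t i = 0; i < n; i++)
        *sma_raw(sma_add(p, (int64_t)i)) = src[i];
    for (size_t i = 0; i < sizeof mem.neighbour; i++)
        if (mem.neighbour[i] != 0) return 0;
    return 1;
}

int main(void) {
    uint8_t src[40];
    memset(src, 0x41, sizeof src);
    printf("neighbour intact: %d\n", sma_demo_copy(src, sizeof src));
    return 0;
}
```

The 40-byte copy into the 16-byte object keeps running rather than aborting: every write past offset 15 is redirected to the last byte of the object, so the adjacent data is never reached.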




S3Library: Automatically Eliminating C/C++ Buffer Overflow using Compatible Safer Libraries

Annex K of C11, bounds-checking interfaces, recently introduced a set of...

Introspection for C and its Applications to Library Robustness

Context: In C, low-level errors, such as buffer overflow and use-after-f...

A unit-based symbolic execution method for detecting memory corruption vulnerabilities in executable codes

Memory corruption is a serious class of software vulnerabilities, which ...

DangKiller: Eliminating Dangling Pointers Efficiently via Implicit Identifier

Use-After-Free vulnerabilities, allowing the attacker to access unintend...

SafeLLVM: LLVM Without The ROP Gadgets!

Memory safety is a cornerstone of secure and robust software systems, as...

Preventing Buffer Overflows by Context-aware Failure-oblivious Computing

In languages like C, buffer overflows are widespread. A common mitigatio...

Context-aware Failure-oblivious Computing as a Means of Preventing Buffer Overflows

In languages like C, buffer overflows are widespread. A common mitigatio...
