Journal ArticleDOI
DieHard: probabilistic memory safety for unsafe languages
Emery D. Berger,Benjamin G. Zorn +1 more
- Vol. 41, Iss: 6, pp 158-168
Reads0
Chats0
TLDR
Analytical and experimental results are presented that show DieHard's resilience to a wide range of memory errors, including a heap-based buffer overflow in an actual application.Abstract:
Applications written in unsafe languages like C and C++ are vulnerable to memory errors such as buffer overflows, dangling pointers, and reads of uninitialized data. Such errors can lead to program crashes, security vulnerabilities, and unpredictable behavior. We present DieHard, a runtime system that tolerates these errors while probabilistically maintaining soundness. DieHard uses randomization and replication to achieve probabilistic memory safety by approximating an infinite-sized heap. DieHard's memory manager randomizes the location of objects in a heap that is at least twice as large as required. This algorithm prevents heap corruption and provides a probabilistic guarantee of avoiding memory errors. For additional safety, DieHard can operate in a replicated mode where multiple replicas of the same application are run simultaneously. By initializing each replica with a different random seed and requiring agreement on output, the replicated version of Die-Hard increases the likelihood of correct execution because errors are unlikely to have the same effect across all replicas. We present analytical and experimental results that show DieHard's resilience to a wide range of memory errors, including a heap-based buffer overflow in an actual application.read more
Citations
More filters
Proceedings Article
AddressSanitizer: a fast address sanity checker
TL;DR: The paper presents AddressSanitizer, a new memory error detector that achieves efficiency without sacrificing comprehensiveness, and has found over 300 previously unknown bugs in the Chromium browser and many bugs in other software.
Proceedings ArticleDOI
SoK: Eternal War in Memory
TL;DR: The current knowledge about various protection techniques are systematized by setting up a general model for memory corruption attacks, and what policies can stop which attacks are shown, to analyze the reasons why protection mechanisms implementing stricter polices are not deployed.
Proceedings ArticleDOI
SoftBound: highly compatible and complete spatial memory safety for c
TL;DR: Inspired by HardBound, a previously proposed hardware-assisted approach, SoftBound similarly records base and bound information for every pointer as disjoint metadata, which enables SoftBound to provide spatial safety without requiring changes to C source code.
Proceedings ArticleDOI
Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization
Kevin Z. Snow,Fabian Monrose,Lucas Davi,Alexandra Dmitrienko,Christopher Liebchen,Ahmad-Reza Sadeghi +5 more
TL;DR: This paper introduces the design and implementation of a framework based on a novel attack strategy that undermines the benefits of fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application's memory layout on the fly.
Proceedings ArticleDOI
Automatic patch generation by learning correct code
Fan Long,Martin Rinard +1 more
TL;DR: Experimental results show that, on a benchmark set of 69 real-world defects drawn from eight open-source projects, Prophet significantly outperforms the previous state-of-the-art patch generation system.
References
More filters
Journal ArticleDOI
Impossibility of distributed consensus with one faulty process
TL;DR: In this paper, it is shown that every protocol for this problem has the possibility of nontermination, even with only one faulty process.
Proceedings ArticleDOI
Lazy abstraction
TL;DR: This work presents an algorithm for model checking safety properties using lazy abstraction and describes an implementation of the algorithm applied to C programs and provides sufficient conditions for the termination of the method.
Journal ArticleDOI
The N-Version Approach to Fault-Tolerant Software
TL;DR: Principal requirements for the implementation of N-version software are summarized and the DEDIX distributed supervisor and testbed for the execution of N -version software is described.
Proceedings ArticleDOI
On the effectiveness of address-space randomization
TL;DR: Aderandomization attack is demonstrated that will convert any standard buffer-overflow exploit into an exploit that works against systems protected by address-space randomization, and it is concluded that, on 32-bit architectures, the only benefit of PaX-like address- space randomization is a small slowdown in worm propagation speed.
Proceedings Article
Cyclone: A Safe Dialect of C
TL;DR: This paper examines safety violations enabled by C’s design, and shows how Cyclone avoids them, without giving up C”s hallmark control over low-level details such as data representation and memory management.