DangSan: Scalable use-after-free detection

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

33 Downloads (Pure)

Abstract

Use-after-free vulnerabilities due to dangling pointers are an important and growing threat to systems security. While various solutions exist to address this problem, none of them is sufficiently practical for real-world adoption. Some can be bypassed by attackers, others cannot support complex multithreaded applications prone to dangling pointers, and the remainder have prohibitively high overhead. One major source of overhead is the need to synchronize threads on every pointer write due to pointer tracking. In this paper, we present DangSan, a use-after-free detection system that scales efficiently to large numbers of pointer writes as well as to many concurrent threads. To significantly reduce the overhead of existing solutions, we observe that pointer tracking is write-intensive but requires very few reads. Moreover, there is no need for strong consistency guarantees as inconsistencies can be reconciled at read (i.e., object deallocation) time. Building on these intuitions, DangSan's design mimics that of log-structured file systems, which are ideally suited for similar workloads. Our results show that DangSan can run heavily multithreaded applications, while introducing only half the overhead of previous multithreaded use-after-free detectors.

Original languageEnglish
Title of host publicationEuroSys '17
Subtitle of host publicationProceedings of the Twelfth European Conference on Computer Systems
PublisherAssociation for Computing Machinery, Inc
Pages405-419
Number of pages15
ISBN (Electronic)9781450349383
DOIs
Publication statusPublished - Apr 2017
Event12th European Conference on Computer Systems, EuroSys 2017 - Belgrade, Serbia
Duration: 23 Apr 201726 Apr 2017

Conference

Conference12th European Conference on Computer Systems, EuroSys 2017
Country/TerritorySerbia
CityBelgrade
Period23/04/1726/04/17

Funding

This work was supported by the European Commission through project H2020 ICT-32-2014 "SHARCS" under Grant Agreement No. 64457 and the Netherlands Organisation for Scientific Research through grant NWO 639.023.309 VICI "Dowsing".

FundersFunder number
Horizon 2020 Framework Programme644571
European Commission64457, H2020 ICT-32-2014
Nederlandse Organisatie voor Wetenschappelijk Onderzoek639.023.309

    Keywords

    • Dangling pointers
    • LLVM
    • Use-after-free

    Fingerprint

    Dive into the research topics of 'DangSan: Scalable use-after-free detection'. Together they form a unique fingerprint.

    Cite this