Abstract
Despite decades of research, buffer overflows still rank among the most dangerous vulnerabilities in unsafe languages such as C and C++. Compared to other memory corruption vulnerabilities, buffer overflows are both common and typically easy to exploit. Yet, they have proven so challenging to detect in real-world programs that existing solutions either yield very poor performance, or introduce incompatibilities with the C/C++ language standard. We present Delta Pointers, a new solution for buffer overflow detection based on efficient pointer tagging. By carefully altering the pointer representation, without violating language specifications, Delta Pointers use existing hardware features to detect both contiguous and non-contiguous overflows on dereferences, without a single check incurring extra branch or memory access operations. By focusing on buffer overflows rather than other vulnerabilities (e.g., underflows), Delta Pointers offer a unique checkless design to provide high performance while still maintaining compatibility. We show that Delta Pointers are effective in detecting arbitrary buffer overflows and, at 35% overhead on SPEC, offer much better performance than competing solutions.
| Original language | English |
|---|---|
| Title of host publication | EuroSys 2018 |
| Subtitle of host publication | Proceedings of the 13th EuroSys Conference |
| Publisher | Association for Computing Machinery, Inc |
| Pages | 1-14 |
| Number of pages | 14 |
| ISBN (Electronic) | 9781450355841 |
| ISBN (Print) | 9781450355841 |
| DOIs | |
| Publication status | Published - Apr 2018 |
| Event | 13th EuroSys Conference, EuroSys 2018 - Porto, Portugal Duration: 23 Apr 2018 → 26 Apr 2018 |
Conference
| Conference | 13th EuroSys Conference, EuroSys 2018 |
|---|---|
| Country/Territory | Portugal |
| City | Porto |
| Period | 23/04/18 → 26/04/18 |
Keywords
- Bounds Checking
- LLVM
- Memory Safety
- Pointer Tagging
