Title :
Boundless memory allocations for memory safety and high availability
Author :
Brünink, Marc ; Süsskraut, Martin ; Fetzer, Christof
Author_Institution :
Dept. of Comput. Sci., Tech. Univ. Dresden, Dresden, Germany
Abstract :
Spatial memory errors (such as buffer overflows) are still a major threat for applications written in C. Most recent work focuses on memory safety: when a memory error is detected at runtime, the application is aborted. Our goal is not only to increase the memory safety of applications but also to increase the application's availability. Therefore, we need to tolerate spatial memory errors at runtime. We have implemented a compiler extension, Boundless, that automatically adds this tolerance to C applications at compile time. We show that this can increase the availability of applications. Our measurements also indicate that Boundless has a lower performance overhead than SoftBound, a state-of-the-art approach for detecting spatial memory errors. Our performance gains result from a novel way to represent pointers. Nevertheless, Boundless remains compatible with existing C code. Additionally, Boundless provides a trade-off to reduce the runtime overhead even further: we introduce vulnerability-specific patching for spatial memory errors, which tolerates only known vulnerabilities. Vulnerability-specific patching has an even lower runtime overhead than full tolerance.
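The abstract contrasts the detect-and-abort model with tolerating an out-of-bounds access so the program keeps running. The following C program is an illustrative example added here; it is not code from the Boundless compiler or the paper. It assumes a simple fat pointer (base plus size) as a stand-in for the paper's pointer representation, and it assumes the tolerance policy is "redirect out-of-bounds writes into a side store and serve out-of-bounds reads from it"; the names bl_ptr, bl_store, bl_load, overflow_store and demo_tolerated_overflow are hypothetical. The point it shows is that an overflow of a stack buffer leaves the neighbouring field untouched, while the overflowed bytes can still be read back through the same pointer, so a program that would otherwise be aborted (or silently corrupted) continues.

```c
/* Added illustrative example, not the Boundless implementation.
 * Tolerating a spatial memory error: out-of-bounds accesses through a
 * bounds-carrying pointer are redirected to a side store instead of
 * aborting the program or corrupting adjacent memory. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical fat pointer: the real allocation and its size in bytes. */
typedef struct {
    unsigned char *base;
    size_t         size;
} bl_ptr;

/* Side store for out-of-bounds bytes, keyed by the address the access
 * would have hit. Fixed-size array for the example; a real runtime
 * would use a hash table. */
#define OVERFLOW_SLOTS 64
static struct { uintptr_t addr; unsigned char value; int used; } overflow_store[OVERFLOW_SLOTS];
static size_t overflow_count;  /* tolerated out-of-bounds writes so far */

size_t bl_tolerated_count(void) { return overflow_count; }

static int in_bounds(bl_ptr p, size_t idx) { return idx < p.size; }

/* Store one byte. In bounds: normal write. Out of bounds: the byte goes to
 * the side store, memory after the object is never touched, and execution
 * continues. Returns 1 when the access was in bounds, 0 when tolerated. */
int bl_store(bl_ptr p, size_t idx, unsigned char v) {
    if (in_bounds(p, idx)) { p.base[idx] = v; return 1; }
    uintptr_t addr = (uintptr_t)p.base + idx;
    overflow_count++;
    for (size_t i = 0; i < OVERFLOW_SLOTS; i++)           /* update existing slot */
        if (overflow_store[i].used && overflow_store[i].addr == addr) {
            overflow_store[i].value = v; return 0;
        }
    for (size_t i = 0; i < OVERFLOW_SLOTS; i++)           /* or claim a free one */
        if (!overflow_store[i].used) {
            overflow_store[i].used = 1;
            overflow_store[i].addr = addr;
            overflow_store[i].value = v;
            return 0;
        }
    return 0;  /* side store full: the write is dropped, still no corruption */
}

/* Load one byte. Out-of-bounds reads return the value previously written
 * out of bounds at that address, or 0, rather than leaking the neighbour. */
unsigned char bl_load(bl_ptr p, size_t idx) {
    if (in_bounds(p, idx)) return p.base[idx];
    uintptr_t addr = (uintptr_t)p.base + idx;
    for (size_t i = 0; i < OVERFLOW_SLOTS; i++)
        if (overflow_store[i].used && overflow_store[i].addr == addr)
            return overflow_store[i].value;
    return 0;
}

/* A strcpy-style overflow of an 8-byte buffer that sits directly before a
 * 4-byte field. Returns 1 if the neighbouring field survived and the whole
 * copied input is readable back through the pointer. */
int demo_tolerated_overflow(void) {
    struct { unsigned char buf[8]; unsigned char canary[4]; } frame;
    memcpy(frame.canary, "CANY", 4);
    bl_ptr p = { frame.buf, sizeof frame.buf };
    const char *input = "AAAAAAAAAAAAAAAA";  /* constructed 16-byte input */
    for (size_t i = 0; i < strlen(input); i++)
        bl_store(p, i, (unsigned char)input[i]);
    /* bytes 0..7 landed in buf, bytes 8..15 went to the side store */
    int canary_ok   = memcmp(frame.canary, "CANY", 4) == 0;
    int readback_ok = bl_load(p, 0) == 'A' && bl_load(p, 15) == 'A'
                   && bl_load(p, 16) == 0;  /* never written: default value */
    return canary_ok && readback_ok;
}

int main(void) {
    int ok = demo_tolerated_overflow();
    printf("tolerated overflow: %s (%zu out-of-bounds writes absorbed)\n",
           ok ? "neighbour intact" : "corrupted", bl_tolerated_count());
    return ok ? 0 : 1;
}
```

A detect-and-abort tool would stop at the ninth byte of the copy; here the program completes the copy and continues, which is the availability gain the abstract describes. The side store is what the tolerance costs: every out-of-bounds access pays for a lookup, which is why the abstract's vulnerability-specific variant, instrumenting only the accesses known to be vulnerable, is cheaper than instrumenting all of them.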
Keywords :
C language; program compilers; security of data; storage allocation; C applications; boundless memory allocations; compiler extension; spatial memory errors; vulnerability specific patching; Arrays; Availability; Instruments; Random access memory; Resource management; Runtime; Safety; Bounds checking; Compiler transformation; Fault tolerance; Software safety;
Conference_Titel :
Dependable Systems & Networks (DSN), 2011 IEEE/IFIP 41st International Conference on
Conference_Location :
Hong Kong
Print_ISBN :
978-1-4244-9232-9
Electronic_ISSN :
1530-0889
DOI :
10.1109/DSN.2011.5958203