Title
PAriCheck: an efficient pointer arithmetic checker for C programs
Abstract
Buffer overflows are still a significant problem in programs written in C and C++. In this paper we present a bounds checker, called PAriCheck, that inserts dynamic runtime checks to ensure that attackers are not able to abuse buffer overflow vulnerabilities. The main approach is based on checking pointer arithmetic rather than pointer dereferences when performing bounds checks. The checks are performed by assigning a unique label to each object and ensuring that the label is associated with each memory location that the object inhabits. Whenever pointer arithmetic occurs, the label of the base location is compared to the label of the resulting arithmetic. If the labels differ, an out-of-bounds calculation has occurred. Benchmarks show that PAriCheck has a very low performance overhead compared to similar bounds checkers. This paper demonstrates that using bounds checkers for programs or parts of programs running on high-security production systems is a realistic possibility.
Year
2010
DOI
10.1145/1755688.1755707
Venue
ASIACCS
Keywords
bounds check, unique label, similar bounds checker, efficient pointer arithmetic checker, base location, resulting arithmetic, buffer overflow, c program, bounds checker, buffer overflow vulnerability, pointer dereferences, pointer arithmetic, bounds checking, buffer overflows, production system
Field
Pointer (computer programming), Computer science, Computer security, Smart pointer, Bounds checking, Buffer overflow
DocType
Conference
Citations
43
PageRank
1.40
References
31
Authors
6
Name | Order | Citations | PageRank
Yves Younan | 1 | 347 | 16.78
Pieter Philippaerts | 2 | 332 | 27.07
Lorenzo Cavallaro | 3 | 886 | 52.85
R. C. Sekar | 4 | 2328 | 168.76
Frank Piessens | 5 | 2455 | 162.28
Wouter Joosen | 6 | 2898 | 287.70