Name
Title | ||
|---|---|---|
Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors |
Abstract | ||
|---|---|---|
Attacks that exploit out-of-bounds errors in C and C++ programs are still prevalent despite many years of research on bounds checking. Previous backwards compatible bounds checking techniques, which can be applied to unmodified C and C++ programs, maintain a data structure with the bounds for each allocated object and perform lookups in this data structure to check if pointers remain within bounds. This data structure can grow large and the lookups are expensive. In this paper we present a backwards compatible bounds checking technique that substantially reduces performance overhead. The key insight is to constrain the sizes of allocated memory regions and their alignment to enable efficient bounds lookups and hence efficient bounds checks at runtime. Our technique has low overhead in practice--only 8% throughput decrease for Apache-- and is more than two times faster than the fastest previous technique and about five times faster--using less memory--than recording object bounds using a splay tree. |
Year | Venue | Keywords |
|---|---|---|
2009 | USENIX Security Symposium | fastest previous technique,efficient bounds lookups,out-of-bounds error,backwards-compatible defense,unmodified c,efficient bounds check,performance overhead,memory region,bounds checking,low overhead,data structure,backwards compatible bound |
Field | DocType | Citations |
Pointer (computer programming),Data structure,Memory safety,Computer science,Splay tree,Parallel computing,Exploit,Throughput,Bounds checking,Backward compatibility | Conference | 105 |
PageRank | References | Authors |
2.75 | 43 | 4 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Periklis Akritidis | 1 | 451 | 22.09 |
| Manuel Costa | 2 | 1589 | 88.62 |
| Miguel Castro | 3 | 5088 | 328.69 |
| Steven Hand | 4 | 5696 | 488.18 |