Abstract: Researchers have rightfully been concerned about preventing memory errors, but in doing so have ignored methods to improve the security of the parts of the program that are already memory safe. We propose techniques to perform comprehensive memory safety validation that identify the program objects whose accesses provably comply with all classes of memory safety. We have found that a large fraction of program objects only have aliases (computed conservatively) whose accesses all satisfy memory safety comprehensively, and that these fractions are increasing. Our results show that over 85% of stack objects and over 75% of heap objects in over 1,200 Linux Ubuntu packages can be validated as satisfying memory safety comprehensively. We discuss some immediate benefits that can be realized by leveraging these results, such as low-overhead protection from memory errors, as well as some opportunities to explore in the future. Finally, we discuss research directions to utilize the knowledge learned from comprehensive memory safety validation to prevent memory errors in accesses to the remaining, unsafe objects.
Bio: Trent Jaeger is a professor in the Computer Science and Engineering Department at the University of California, Riverside, after 18 years at Penn State University. His research interests include systems and software security, and he has made many contributions to the Linux open-source community. He has served as Chair of the ACM Special Interest Group on Security, Audit, and Control (ACM SIGSAC) and as the Steering Committee Chair for the Internet Society Network and Distributed System Security Symposium (NDSS). He is currently an Associate Editor-in-Chief for IEEE Security & Privacy and on the Editorial Board of the Communications of the ACM.