Skip to main content
Springer Nature Link
Log in

Context-Aware Failure-Oblivious Computing as a Means of Preventing Buffer Overflows

  • Conference paper
  • First Online:
Network and System Security (NSS 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11058))

Included in the following conference series:

Abstract

In languages like C, buffer overflows are widespread. A common mitigation technique is to use tools that detect them during execution and abort the program to prevent data leakage or the diversion of control flow. However, for server applications, it would be desirable to prevent such errors while maintaining availability of the system. To this end, we present an approach to handling buffer overflows without aborting the program. This approach involves implementing a recovery logic in library functions based on an introspection function that allows querying the size of a buffer. We demonstrate that introspection can be implemented in popular bug-finding and bug-mitigation tools such as LLVM’s AddressSanitizer, SoftBound, and Intel-MPX-based bounds checking. We evaluated our approach in a case study of real-world bugs and show that for tools that explicitly track bounds data, introspection results in a low performance overhead.

We thank Oracle Labs for funding this research. We thank Gergö Barany, Roland Yap, and Fabio Niephaus for their useful feedback on an early draft of this paper. We thank Ingrid Abfalter for proofreading and editorial assistance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+
from €39.99 /Month
  • Starting from 10 chapters or articles per month
  • Access and download chapters and articles from more than 300k books and 2,500 journals
  • Cancel anytime
View plans

Buy Now

Chapter
EUR 29.95
Price includes VAT (Germany)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
EUR 71.68
Price includes VAT (Germany)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
EUR 90.94
Price includes VAT (Germany)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

') var buybox = document.querySelector("[data-id=id_"+ timestamp +"]").parentNode var buyingOptions = buybox.querySelectorAll(".buying-option") ;[].slice.call(buyingOptions).forEach(initCollapsibles) var buyboxMaxSingleColumnWidth = 480 function initCollapsibles(subscription, index) { var toggle = subscription.querySelector(".buying-option-price") subscription.classList.remove("expanded") var form = subscription.querySelector(".buying-option-form") var priceInfo = subscription.querySelector(".price-info") var buyingOption = toggle.parentElement if (toggle && form && priceInfo) { toggle.setAttribute("role", "button") toggle.setAttribute("tabindex", "0") toggle.addEventListener("click", function (event) { var expandedBuyingOptions = buybox.querySelectorAll(".buying-option.expanded") var buyboxWidth = buybox.offsetWidth ;[].slice.call(expandedBuyingOptions).forEach(function(option) { if (buyboxWidth buyboxMaxSingleColumnWidth) { toggle.click() } else { if (index === 0) { toggle.click() } else { toggle.setAttribute("aria-expanded", "false") form.hidden = "hidden" priceInfo.hidden = "hidden" } } }) } initialStateOpen() if (window.buyboxInitialised) return window.buyboxInitialised = true initKeyControls() })()

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Note that in our previous work we instead reimplemented parts of a libc to use introspection, which made the libc less readable and required programs to be compatible with this libc.

  2. 2.

    https://github.com/santoshn/softboundcets-3.8.0/issues/\(x \in \{5, 6, 7, 8\}\).

  3. 3.

    http://www.thekelleys.org.uk/dnsmasq/doc.html.

  4. 4.

    http://xmlsoft.org/.

  5. 5.

    http://www.graphicsmagick.org/.

  6. 6.

    https://github.com/hfiref0x/LightFTP/.

  7. 7.

    EffectiveSan [7], an extension of the low-fat pointer approach, provides accurate bounds but has not been released to the public as of June 2018.

References

  1. Akritidis, P., Costa, M., Castro, M., Hand, S.: Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors. In: Proceedings of the 18th Conference on USENIX Security Symposium, SSYM 2009, pp. 51–66. USENIX Association, Berkeley, CA, USA (2009)

    Google Scholar 

  2. Baratloo, A., Singh, N., Tsai, T.: Libsafe: protecting critical elements of stacks. White Paper (1999). http://www.research.avayalabs.com/project/libsafe

  3. Bruening, D., Zhao, Q.: Practical memory checking with Dr. memory. In: Proceedings of the 9th Annual IEEE/ACM International Symposium on Code Generation and Optimization, CGO 2011, pp. 213–223. IEEE Computer Society, Washington, DC, USA (2011)

    Google Scholar 

  4. Brunink, M., Susskraut, M., Fetzer, C.: Boundless memory allocations for memory safety and high availability. In: Proceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks, DSN 2011, pp. 13–24. IEEE Computer Society, Washington, DC, USA (2011). https://doi.org/10.1109/DSN.2011.5958203

  5. Cowan, C., Wagle, P., Pu, C., Beattie, S., Walpole, J.: Buffer overflows: attacks and defenses for the vulnerability of the decade. In: Proceedings of the DARPA Information Survivability Conference and Exposition, DISCEX 2000, vol. 2, pp. 119–129. IEEE (2000)

    Google Scholar 

  6. Duck, G.J., Yap, R.H.C.: Heap bounds protection with low fat pointers. In: Proceedings of the 25th International Conference on Compiler Construction, CC 2016, pp. 132–142. ACM, New York, NY, USA (2016). https://doi.org/10.1145/2892208.2892212

  7. Duck, G.J., Yap, R.H.C.: EffectiveSan: type and memory error detection using dynamically typed C/C++. In: Proceedings of the 39th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2018, pp. 181–195. ACM, New York (2018). https://doi.org/10.1145/3192366.3192388

  8. Duck, G.J., Yap, R.H., Cavallaro, L.: Stack bounds protection with low fat pointers. In: Symposium on Network and Distributed System Security (2017)

    Google Scholar 

  9. Durieux, T., Hamadi, Y., Yu, Z., Baudry, B., Monperrus, M.: Exhaustive exploration of the failure-oblivious computing search space. In: Proceedings of the International Conference on Software Testing and Verification (ICST), ICST 2018, April 2018 (2018)

    Google Scholar 

  10. Kell, S.: Towards a dynamic object model within unix processes. In: 2015 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software (Onward!), Onward! 2015, pp. 224–239. ACM, New York (2015). https://doi.org/10.1145/2814228.2814238

  11. Kell, S.: Dynamically diagnosing type errors in unsafe code. In: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2016, pp. 800–819. ACM, New York (2016). https://doi.org/10.1145/2983990.2983998

  12. Kuvaiskii, D., et al.: SGXBOUNDS: memory safety for shielded execution. In: Proceedings of the Twelfth European Conference on Computer Systems. EuroSys 2017, pp. 205–221. ACM, New York (2017). https://doi.org/10.1145/3064176.3064192

  13. Lattner, C., Adve, V.: LLVM: a compilation framework for lifelong program analysis transformation. In: CGO 2004, pp. 75–86 (2004)

    Google Scholar 

  14. Long, F., Sidiroglou-Douskos, S., Rinard, M.: Automatic runtime error repair and containment via recovery shepherding. In: Proceedings of the 35th ACMSIGPLAN Conference on Programming Language Design and Implementation, PLDI 2014, pp. 227–238. ACM, New York (2014). https://doi.org/10.1145/2594291.2594337

  15. Nagarakatte, S., Zhao, J., Martin, M.M., Zdancewic, S.: Softbound: Highly compatible and complete spatial memory safety for C. In: Proceedings of the30th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2009, pp. 245–258. ACM, New York (2009). https://doi.org/10.1145/1542476.1542504

  16. Nagarakatte, S., Zhao, J., Martin, M.M., Zdancewic, S.: CETS: compiler enforced temporal safety for C, pp. 31–40 (2010). https://doi.org/10.1145/1806651.1806657

  17. Nethercote, N., Seward, J.: How to shadow every byte of memory used by a program. In: Proceedings of the 3rd International Conference on Virtual Execution Environments, VEE 2007, pp. 65–74. ACM, New York (2007). https://doi.org/10.1145/1254810.1254820

  18. Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. In: Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2007, pp. 89–100. ACM, New York (2007). https://doi.org/10.1145/1250734.1250746

  19. Oleksenko, O., Kuvaiskii, D., Bhatotia, P., Felber, P., Fetzer, C.: Intel MPX explained: a cross-layer analysis of the intel MPX system stack. Proc. ACM Meas. Anal. Comput. Syst. 2(2), 28:1–28:30 (2018). https://doi.org/10.1145/3224423

    Article  Google Scholar 

  20. Rigger, M., Grimmer, M., Wimmer, C., Würthinger, T., Mössenböck, H.: Bringing low-level languages to the JVM: efficient execution of LLVM IR on truffle. In: Proceedings of the 8th International Workshop on Virtual Machines and Intermediate Languages, VMIL 2016, pp. 6–15. ACM, New York (2016). https://doi.org/10.1145/2998415.2998416

  21. Rigger, M., Schatz, R., Grimmer, M., Mössenböck, H.: Lenient execution of c on a java virtual machine: Or: How i learned to stop worrying and run the code. In: Proceedings of the 14th International Conference on Managed Languages and Runtimes, ManLang 2017, pp. 35–47. ACM, New York (2017). https://doi.org/10.1145/3132190.3132204

  22. Rigger, M., Schatz, R., Mayrhofer, R., Grimmer, M., Mössenböck, H.: Sulong, and thanks for all the bugs: finding errors in C programs by abstracting from the native execution model. In: Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2018. https://doi.org/10.1145/3173162.3173174

  23. Rigger, M., Schatz, R., Mayrhofer, R., Grimmer, M., Mössenböck, H.: Introspection for C and its applications to library robustness. Art Sci. Eng. Program. (2) (2018). https://doi.org/10.22152/programming-journal.org/2018/2/4

  24. Rinard, M.: Acceptability-oriented computing. In: Companion of the 18th Annual ACM SIGPLAN Conference on Object-oriented Programming, Systems, Languages, and Applications, OOPSLA 2003, pp. 221–239. ACM, New York (2003). https://doi.org/10.1145/949344.949402

  25. Rinard, M., Cadar, C., Dumitran, D., Roy, D.M., Leu, T., Beebee, Jr., W.S.: Enhancing server availability and security through failure-oblivious computing. In: Proceedings of the 6th Conference on Symposium on Opearting Systems Design & Implementation, OSDI 2004, vol. 6, p. 21. USENIX Association, Berkeley (2004)

    Google Scholar 

  26. Rinard, M.C.: Failure-oblivious computing and boundless memory blocks, Technical report (2005)

    Google Scholar 

  27. Serebryany, K., Bruening, D., Potapenko, A., Vyukov, D.: AddressSanitizer: a fast address sanity checker. In: USENIX Annual Technical Conference, pp. 309–318 (2012)

    Google Scholar 

  28. Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007, pp. 552–561. ACM, New York (2007). https://doi.org/10.1145/1315245.1315313

  29. Sidiroglou, S., Locasto, M.E., Boyd, S.W., Keromytis, A.D.: Building a reactive immune system for software services. In: Proceedings of the Annual Conference on USENIX Annual Technical Conference, ATEC 2005, p. 11. USENIX Association, Berkeley (2005)

    Google Scholar 

  30. Song, D., et al.: Sok: sanitizing for security. In: IEEE Symposium on Security and Privacy (S&P 2019) (2019, to Appear). Accepted

    Google Scholar 

  31. Strackx, R., Younan, Y., Philippaerts, P., Piessens, F., Lachmund, S., Walter, T.: Breaking the memory secrecy assumption. In: Proceedings of the Second European Workshop on System Security, EUROSEC 2009, pp. 1–8. ACM, New York (2009). https://doi.org/10.1145/1519144.1519145

  32. Szekeres, L., Payer, M., Wei, T., Song, D.: Sok: eternal war in memory. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy, SP 2013, pp. 48–62. IEEE Computer Society, Washington, DC (2013). https://doi.org/10.1109/SP.2013.13

  33. The MITRE Corporation: Common vulnerabilities and exposures. https://cve.mitre.org/

  34. van der Veen, V., dutt-Sharma, N., Cavallaro, L., Bos, H.: Memory errors: the past, the present, and the future. In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) RAID 2012. LNCS, vol. 7462, pp. 86–106. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33338-5_5

    Chapter  Google Scholar 

  35. Watson, R.N.M., et al.: Cheri: a hybrid capability-system architecture for scalable software compartmentalization. In: 2015 IEEE Symposium on Security and Privacy, pp. 20–37, May 2015. https://doi.org/10.1109/SP.2015.9

  36. Younan, Y., Joosen, W., Piessens, F.: Runtime countermeasures for code injection attacks against C and C++ programs. ACM Comput. Surv. 44(3), 17:1–17:28 (2012). https://doi.org/10.1145/2187671.2187679

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Johannes Kepler University Linz, Linz, Austria

    Manuel Rigger, Daniel Pekarek & Hanspeter Mössenböck

Authors
  1. Manuel Rigger
    View author publications

    Search author on:PubMed Google Scholar

  2. Daniel Pekarek
    View author publications

    Search author on:PubMed Google Scholar

  3. Hanspeter Mössenböck
    View author publications

    Search author on:PubMed Google Scholar

Corresponding author

Correspondence to Manuel Rigger .

Editor information

Editors and Affiliations

  1. The Hong Kong Polytechnic University, Hong Kong, China

    Man Ho Au

  2. The University of Hong Kong, Hong Kong, China

    Siu Ming Yiu

  3. Guangzhou University, Guangzhou, China

    Jin Li

  4. The Hong Kong Polytechnic University, Hong Kong, China

    Xiapu Luo

  5. City University of Hong Kong, Hong Kong, China

    Cong Wang

  6. University of Salerno and University of Naples Federico II, Fisciano, Italy

    Aniello Castiglione

  7. CISPA Helmholtz Center i.G. GmbH, Saarbrücken, Germany

    Kamil Kluczniak

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Rigger, M., Pekarek, D., Mössenböck, H. (2018). Context-Aware Failure-Oblivious Computing as a Means of Preventing Buffer Overflows. In: Au, M., et al. Network and System Security. NSS 2018. Lecture Notes in Computer Science(), vol 11058. Springer, Cham. https://doi.org/10.1007/978-3-030-02744-5_28

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-02744-5_28

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02743-8

  • Online ISBN: 978-3-030-02744-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics