CW 554

Yves Younan, Pieter Philippaerts, Lorenzo Cavallaro, R. Sekar, Frank Piessens, and Wouter Joosen
PAriCheck: An efficient pointer arithmetic checker for C programs

Abstract

Buffer overflows are still a significant problem in programs written in C and C++. In this paper we present a bounds checker called PAriCheck that inserts dynamic runtime checks to ensure that attackers are not able to abuse a buffer overflow vulnerability. The main approach is based on checking pointer arithmetic rather than pointer dereferences when performing bounds checks. The checks are performed by assigning a unique label to each object and ensuring that the label is associated with each memory location that the object inhabits.

Whenever pointer arithmetic occurs, the label of the base location is compared to the label of the location that results from the arithmetic. If the labels differ, an out-of-bounds calculation has occurred. Benchmarks show that PAriCheck has a low performance overhead compared to similar bounds checkers. This paper demonstrates that using bounds checkers for programs or parts of programs running on high-security production systems is a realistic possibility.
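The label comparison described in the abstract can be sketched as a toy model in C. This is an added example, not PAriCheck's code: the private arena, the 8-byte slot granularity, and the names `labeled_alloc`, `label_of` and `checked_add` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model (assumption): a private arena cut into 8-byte slots,
 * with one label per slot. Label 0 means "no object lives here". */
#define SLOT 8
#define ARENA_SLOTS 64
static unsigned char arena[ARENA_SLOTS * SLOT];
static uint16_t labels[ARENA_SLOTS];
static uint16_t next_label = 1;
static size_t next_slot = 1;          /* slot 0 stays unlabeled */

/* Allocate an object and stamp its unique label on every slot it inhabits. */
void *labeled_alloc(size_t size) {
    size_t n = (size + SLOT - 1) / SLOT;
    if (size == 0 || next_slot + n > ARENA_SLOTS) return NULL;
    void *p = &arena[next_slot * SLOT];
    for (size_t i = 0; i < n; i++) labels[next_slot + i] = next_label;
    next_slot += n;
    next_label++;
    return p;
}

/* Label of the slot containing p, or 0 if p is outside the arena. */
uint16_t label_of(const void *p) {
    uintptr_t a = (uintptr_t)p, base = (uintptr_t)arena;
    if (a < base || a >= base + sizeof arena) return 0;
    return labels[(a - base) / SLOT];
}

/* Checked pointer arithmetic: the result is accepted only if it carries
 * the same label as the base. Integer arithmetic avoids forming an
 * out-of-bounds pointer before the check. Slack inside an object's last
 * slot is not detected at this toy granularity. */
void *checked_add(void *base, ptrdiff_t offset) {
    uint16_t l = label_of(base);
    void *result = (void *)((uintptr_t)base + (uintptr_t)offset);
    if (l == 0 || label_of(result) != l) return NULL;
    return result;
}

int main(void) {
    char *a = labeled_alloc(16);      /* constructed sample objects */
    char *b = labeled_alloc(8);       /* placed directly after a */
    printf("a+15: %s\n", checked_add(a, 15) ? "ok" : "out of bounds");
    printf("a+16: %s\n", checked_add(a, 16) ? "ok" : "out of bounds");
    printf("b-1:  %s\n", checked_add(b, -1) ? "ok" : "out of bounds");
    return 0;
}
```

In this model the check fires when the arithmetic is performed, so a pointer that has drifted from one object into its neighbour is rejected before any dereference takes place.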

report.pdf (253K) / mailto: Y. Younan