
Baggy bounds checking


If you have a question about this talk, please contact Stephen Kell.

The adoption of runtime bounds checking for C programs is limited because it either breaks interoperability by modifying the pointer representation to include bounds, or incurs significant performance overhead to look up the bounds in a data structure. We improve this for security purposes by observing that enforcing looser bounds still severely limits attackers, as long as we pad objects to the new, baggy bounds, thus preventing access to any potential target objects. We take advantage of this more flexible integrity guarantee to increase performance by padding and aligning allocations to a power of two, enabling a byte-size representation of the allocation bounds that is efficient to store, look up and check. As expected, padding incurs space and runtime overheads, but these turn out to be far less than the gains for bounds checking: our technique is more than three times faster than, and orthogonal to, the state-of-the-art technique on the same benchmarks, and an order of magnitude faster, using less memory, compared to using splay trees instead of padding, sharing the same implementation for everything else.
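The idea in the abstract, as an added C sketch that is not code from the talk or its authors: requests are padded to a power of two and aligned to that size, so one byte (the log2 of the padded size) is enough to store the bound, and the check reduces to a mask and compare. The 16-byte slot size, the 4 KiB bump-allocated arena and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

#define SLOT_LOG2  4            /* assumed: 16-byte slots, one table byte each */
#define ARENA_LOG2 12           /* assumed: 4 KiB toy arena */
#define ARENA_SIZE ((size_t)1 << ARENA_LOG2)

static unsigned char arena[ARENA_SIZE];
static uint8_t bounds[ARENA_SIZE >> SLOT_LOG2]; /* log2(padded size); 0 = free */
static size_t next_off;                         /* bump-allocator cursor */

/* Pad the request to a power of two and align the block to its own size. */
void *baggy_alloc(size_t n) {
    unsigned e = SLOT_LOG2;
    while (((size_t)1 << e) < n)
        if (++e > ARENA_LOG2) return NULL;
    size_t size = (size_t)1 << e;
    size_t off = (next_off + size - 1) & ~(size - 1);
    if (off + size > ARENA_SIZE) return NULL;
    for (size_t s = off >> SLOT_LOG2; s < (off + size) >> SLOT_LOG2; s++)
        bounds[s] = (uint8_t)e;                 /* every slot records the bound */
    next_off = off + size;
    return arena + off;
}

/* Padded ("baggy") size of the block containing p, or 0 if p is unmanaged. */
size_t baggy_size(const void *p) {
    uintptr_t po = (uintptr_t)p - (uintptr_t)arena;
    if (po >= ARENA_SIZE || bounds[po >> SLOT_LOG2] == 0) return 0;
    return (size_t)1 << bounds[po >> SLOT_LOG2];
}

/* 1 if q, derived from in-bounds p, stays inside p's padded block: because the
   block is size-aligned, p and q must agree on every bit above the low e bits. */
int baggy_ok(const void *p, const void *q) {
    uintptr_t po = (uintptr_t)p - (uintptr_t)arena;
    uintptr_t qo = (uintptr_t)q - (uintptr_t)arena;
    size_t size = baggy_size(p);
    return size != 0 && ((po ^ qo) & ~(uintptr_t)(size - 1)) == 0;
}

int main(void) {
    unsigned char *a = baggy_alloc(20);         /* padded to 32 bytes */
    printf("size=%zu in-padding=%d past-bound=%d\n",
           baggy_size(a), baggy_ok(a, a + 31), baggy_ok(a, a + 32));
    return 0;
}
```

A write at `a + 31` passes even though only 20 bytes were requested, because it lands in padding owned by the same allocation; the first byte that could belong to another object, `a + 32`, is rejected.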

This talk is part of the Computer Laboratory NetOS Group Talklets series.


© 2006-2025 Talks.cam, University of Cambridge.