PAriCheck: An efficient pointer arithmetic checker for C programs

Yves Younan; Pieter Philippaerts; Lorenzo Cavallaro; R. Sekar; Frank Piessens; Wouter Joosen

doi:10.1145/1755688.1755707

PAriCheck: An efficient pointer arithmetic checker for C programs

Yves Younan
, Pieter Philippaerts
, Lorenzo Cavallaro
, R. Sekar
, Frank Piessens
, Wouter Joosen

Computer Science

Stony Brook University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

69 Scopus citations

Abstract

Buffer overflows are still a significant problem in programs written in C and C++. In this paper we present a bounds checker, called PAriCheck, that inserts dynamic runtime checks to ensure that attackers are not able to abuse buffer overflow vulnerabilities. The main approach is based on checking pointer arithmetic rather than pointer dereferences when performing bounds checks. The checks are performed by assigning a unique label to each object and ensuring that the label is associated with each memory location that the object inhabits. Whenever pointer arithmetic occurs, the label of the base location is compared to the label of the resulting arithmetic. If the labels differ, an out-of-bounds calculation has occurred. Benchmarks show that PAriCheck has a very low performance overhead compared to similar bounds checkers. This paper demonstrates that using bounds checkers for programs or parts of programs running on high-security production systems is a realistic possibility.

Original language	English
Title of host publication	Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010
Pages	145-156
Number of pages	12
DOIs	https://doi.org/10.1145/1755688.1755707
State	Published - 2010
Event	5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010 - Beijing, China Duration: Apr 13 2010 → Apr 16 2010

Publication series

Name	Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010

Conference

Conference	5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010
Country/Territory	China
City	Beijing
Period	04/13/10 → 04/16/10

Keywords

bounds checking
buffer overflows

Access to Document

10.1145/1755688.1755707

Cite this

Younan, Y., Philippaerts, P., Cavallaro, L., Sekar, R., Piessens, F., & Joosen, W. (2010). PAriCheck: An efficient pointer arithmetic checker for C programs. In Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010 (pp. 145-156). (Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010). https://doi.org/10.1145/1755688.1755707

Younan, Yves ; Philippaerts, Pieter ; Cavallaro, Lorenzo et al. / PAriCheck : An efficient pointer arithmetic checker for C programs. Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010. 2010. pp. 145-156 (Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010).

@inproceedings{bd8b9b61211e43d993e8f85abe9544ea,

title = "PAriCheck: An efficient pointer arithmetic checker for C programs",

abstract = "Buffer overflows are still a significant problem in programs written in C and C++. In this paper we present a bounds checker, called PAriCheck, that inserts dynamic runtime checks to ensure that attackers are not able to abuse buffer overflow vulnerabilities. The main approach is based on checking pointer arithmetic rather than pointer dereferences when performing bounds checks. The checks are performed by assigning a unique label to each object and ensuring that the label is associated with each memory location that the object inhabits. Whenever pointer arithmetic occurs, the label of the base location is compared to the label of the resulting arithmetic. If the labels differ, an out-of-bounds calculation has occurred. Benchmarks show that PAriCheck has a very low performance overhead compared to similar bounds checkers. This paper demonstrates that using bounds checkers for programs or parts of programs running on high-security production systems is a realistic possibility.",

keywords = "bounds checking, buffer overflows",

author = "Yves Younan and Pieter Philippaerts and Lorenzo Cavallaro and R. Sekar and Frank Piessens and Wouter Joosen",

year = "2010",

doi = "10.1145/1755688.1755707",

language = "English",

isbn = "9781605589367",

series = "Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010",

pages = "145--156",

booktitle = "Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010",

note = "5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010 ; Conference date: 13-04-2010 Through 16-04-2010",

}

Younan, Y, Philippaerts, P, Cavallaro, L, Sekar, R, Piessens, F & Joosen, W 2010, PAriCheck: An efficient pointer arithmetic checker for C programs. in Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010. Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010, pp. 145-156, 5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010, Beijing, China, 04/13/10. https://doi.org/10.1145/1755688.1755707

PAriCheck: An efficient pointer arithmetic checker for C programs. / Younan, Yves; Philippaerts, Pieter; Cavallaro, Lorenzo et al.
Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010. 2010. p. 145-156 (Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - PAriCheck

T2 - 5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010

AU - Younan, Yves

AU - Philippaerts, Pieter

AU - Cavallaro, Lorenzo

AU - Sekar, R.

AU - Piessens, Frank

AU - Joosen, Wouter

PY - 2010

Y1 - 2010

N2 - Buffer overflows are still a significant problem in programs written in C and C++. In this paper we present a bounds checker, called PAriCheck, that inserts dynamic runtime checks to ensure that attackers are not able to abuse buffer overflow vulnerabilities. The main approach is based on checking pointer arithmetic rather than pointer dereferences when performing bounds checks. The checks are performed by assigning a unique label to each object and ensuring that the label is associated with each memory location that the object inhabits. Whenever pointer arithmetic occurs, the label of the base location is compared to the label of the resulting arithmetic. If the labels differ, an out-of-bounds calculation has occurred. Benchmarks show that PAriCheck has a very low performance overhead compared to similar bounds checkers. This paper demonstrates that using bounds checkers for programs or parts of programs running on high-security production systems is a realistic possibility.

AB - Buffer overflows are still a significant problem in programs written in C and C++. In this paper we present a bounds checker, called PAriCheck, that inserts dynamic runtime checks to ensure that attackers are not able to abuse buffer overflow vulnerabilities. The main approach is based on checking pointer arithmetic rather than pointer dereferences when performing bounds checks. The checks are performed by assigning a unique label to each object and ensuring that the label is associated with each memory location that the object inhabits. Whenever pointer arithmetic occurs, the label of the base location is compared to the label of the resulting arithmetic. If the labels differ, an out-of-bounds calculation has occurred. Benchmarks show that PAriCheck has a very low performance overhead compared to similar bounds checkers. This paper demonstrates that using bounds checkers for programs or parts of programs running on high-security production systems is a realistic possibility.

KW - bounds checking

KW - buffer overflows

UR - https://www.scopus.com/pages/publications/77954495640

U2 - 10.1145/1755688.1755707

DO - 10.1145/1755688.1755707

M3 - Conference contribution

SN - 9781605589367

T3 - Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010

SP - 145

EP - 156

BT - Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010

Y2 - 13 April 2010 through 16 April 2010

ER -

Younan Y, Philippaerts P, Cavallaro L, Sekar R, Piessens F, Joosen W. PAriCheck: An efficient pointer arithmetic checker for C programs. In Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010. 2010. p. 145-156. (Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010). doi: 10.1145/1755688.1755707

PAriCheck: An efficient pointer arithmetic checker for C programs

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this