โ Scribed by Nagarakatte, Santosh; Martin, Milo M. K.; Zdancewic, Steve
No coin nor oath required. For personal study only.
Languages such as C and C++ use unsafe manual memory management, allowing simple bugs (i.e., accesses to an object after deallocation) to become the root cause of exploitable security vulnerabilities. This paper proposes Watchdog, a hardware-based approach for ensuring safe and secure manual memory management. Inspired by prior software-only proposals, Watchdog generates a unique identifier for each memory allocation, associates these identifiers with pointers, and checks to ensure that the identifier is still valid on every memory access. This use of identifiers and checks enables Watchdog to detect errors even in the presence of reallocations. Watchdog stores these pointer identifiers in a disjoint shadow space to provide comprehensive protection and ensure compatibility with existing code. To streamline the implementation and reduce runtime overhead: Watchdog (1) uses micro-ops to access metadata and perform checks, (2) eliminates metadata copies among registers via modified register renaming, and (3) uses a dedicated metadata cache to reduce checking overhead. Furthermore, this paper extends Watchdog's mechanisms to detect bounds errors, thereby providing full hardware-enforced memory safety at low overheads.
๐ SIMILAR VOLUMES
Thirteen-year-old twins Vick and Tara have built an incredible machine--a loyal robotic watchdog named Daisy. But, when local crime boss Ms. Alba schemes to add Daisy to her robot army, Vick and Tara must go to great lengths to protect their prized pet. Because Daisy is more than just any robot--she
It's autumn in Connecticut. Melanie Travis has just started a new job, and with the added excitement of showing her Standard Poodle, Faith, in the fall shows, the last thing she wants is to become embroiled in yet another of her brother Frank's moneymaking schemes. His current brainstorm--remaking a