Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors.

Attacks that exploit out-of-bounds errors in C and C++ programs are still prevalent despite many years of research on bounds checking. ... The key insight is to constrain the sizes of allocated memory regions and their alignment to enable efficient bounds lookups and hence efficient bounds checks at runtime. ... Sekar, the anonymous reviewers, and the members of the Networks and Operating Systems group at Cambridge University for comments that helped improve this paper. ...

dblp:conf/uss/AkritidisCCH09 fatcat:zjgwuck3ibcipdhksp37yyrxam

We propose a new memory error detection technique that explores a part of the design space that trades off some ability to detect bounds errors in order to obtain good performance and excellent backwards ... On the compatibility front, our technique has been tested on over 7 million lines of code, which is much larger than that reported for previous bounds-checking techniques. research efforts, spanning over ... Conclusion Out of bound arrays and pointers are the dominant source of memory errors in C programs. We presented a new lightweight backwards compatible approach for detecting these errors. ...

doi:10.1145/2259016.2259034 dblp:conf/cgo/HasabnisMS12 fatcat:kifvp4httbhufatinfkqdbjy3i

A comparison of different enforceable policies helps designers of new protection mechanisms in finding the balance between effectiveness (security) and efficiency. ... To achieve wide adoption, protection mechanisms must support a multitude of features and must satisfy a host of requirements. ... and the National Natural Science Foundation of China grant No. 61003216. ...

doi:10.1109/sp.2013.13 dblp:conf/sp/SzekeresPWS13 fatcat:slxnjwdqhrcx3crwc7dtjyxpqq

We take advantage of static analysis to develop several optimizations and make the Jones and Kelly approach to memory safety efficient and practical. ... The exploit analysis becomes trivial so sentinel hosts can issue an alert the instant they detect a worm. ... ACKNOWLEDGEMENTS The material is based upon work supported by the Department of Energy under Award Number DE-OE0000220. This report was prepared as an account ...

doi:10.1109/scam.2012.30 dblp:conf/scam/YuanJ12 fatcat:7r3kkzrgzncyzhwetqa2bvmsim

We propose to build Python-SGX with PyPy, a Python interpreter written by RPython, which is a subset of Python, and tame unsafe parts in PyPy by formal verification, security hardening, and memory safe ... We have implemented python-SGX and tested it with a series of benchmarks programs. Our evaluation results show that Python-SGX does not cause significant overhead. ... Baggy Bounds Checking [7] is an Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors. [34] is protecting C programs from attacks via invalid pointer dereferences. ...

arXiv:2005.05996v1 fatcat:2zi4nkaruzhu5gonl6lf5v3yli

Baggy bounds checking is one such approach and incurs an overhead of 72% on SEPECINT 2000 [5] . ... Figure 2 . 3 . 23 Memory errors can be either temporal (e.g., an out-of-bounds write ) or spatial (e.g., use-after-free error ). ...

doi:10.1145/3342559.3365336 dblp:conf/sosp/LiljestrandGNEA19 fatcat:nrvxdisehbau7kd3ojbkuhtxeu

We implement SafeStack + as a plug-in on LLVM 3.8 and perform extensive experiments to justify a lazy checking mechanism that adds on average 3.0% of runtime and 5.3% of memory overhead on top of SafeStack ... In this paper, we propose and implement SafeStack + , an enhanced dual stack LLVM plug-in that further protects programs from data-flow hijacking. ... SoftBound [24] and Baggy Bounds Checking [7, 15] store the bounds meta information in a shadow space or shadow memory that is separated from the main memory of the program. ...

doi:10.1007/978-3-319-59870-3_6 fatcat:luwehvktyzbsvczp6z454y7uve

As memory-safe languages are unlikely to displace C/C++ in the near future, efficient memory safety mechanisms for both existing and future C/C++ code are needed. ... A vast amount of software, from low-level systems code to high-performance applications, is written in memory-unsafe languages such as C and C++. ... No-FAT defends against the exploitation of buffer overflows (and underflows) by detecting out-of-bounds pointers. ...

doi:10.7916/nw2g-9t77 fatcat:dsiyir5ihzhttditywpkhe3twq

I want to thank everybody who supported me during my studies, my work, and the preparation of my dissertation. ... Acknowledgments This dissertation would have been impossible without the motivation, support, and company of many great people. ... CRED [148] , "backwards-compatible array bounds checking" [33] , "baggy bounds checking" [3] , and PAriCheck [205] detect buffer overflows at runtime, at different precision and performance penalties ...

doi:10.22028/d291-41440 fatcat:h6fmaaxdgzda5d3xwchbp75a7a

After an introductory essay that defines and explains the three approaches, the second part of the book contains eight articles that stress processing. ... Intended to show teachers how their approiches to the teaching of writing reflect a particular area of research and to show researchers how the intuitions of teachers reflect research findings, the rticles ... Phyllis Brooks is Lecturer in the Subject A Department, University of Cali- James Pierce is Chair of the English Department, Redwood High School, Larkspur, California, and Consultant to the Bay Area Writing ...

doi:10.2307/357808 fatcat:3jyq3bl555hghcfsmyzvid7bp4

JSTOR

The selection of authors, interviewees and the subjects of their contributions to include in this publication took place after the conversations on the platform were already underway, and a first round ... To do so, we used a combination of open calls for contributions and targeted interviews to identified thought leaders. ... Acknowledgement : This Report is part of a project that has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement Nº825652. ...

doi:10.5281/zenodo.6320727 fatcat:ghuvcxm5pjhlhi6cfn6dpf2aou

Open Access

rary Politics of Central America and the Caribbean (New York: Simon and Schuster, 1991) ; R. Hutchings, Historical Dictionary of Albania (Lanham, Md.: Scarecrow Press, 1996); P. H. ... of Monarchs (Woods), 317 In Search of Identity (Sadat) Mohammed Ali, 280, 310 Johnson, "Lady Bird," 60 Johnson, Lyndon B., 127,209,253,292, 294,300,347; as war hero, 211-12; political persuasion of ... As an apparatchik par excellence, he also carried out orders efficiently and without any qualms of conscience before he came to power, and issued orders efficiently and without any qualms of conscience ...

doi:10.5860/choice.40-1863 fatcat:cyva7ighmrbm3l6ixwrwcvuriu

The myth of Prometheus the fire-giver is an ancient one, but the drama it depicts illuminates much about the modem technological spirit.' Basically, the story is as follows. ... For a brief summary of the development of the myth, see Olga Raggio, "The Myth of Prometheus: Its Sunrival and Metamorphoses up to the Eighteenth Century", Journal of t h Warbourg and Courtauld Institutes ... One area where costly senrice workers stand to be replaced by cheaper and more efficient network technologies is in the check-out line at the supermarket, where digital point-of-sale systems eliminate ...

doi:10.5860/choice.38-2996 fatcat:r6oqbybt7rhx5acnwrai6rszny

Sociological Theory Sociological Theory (ST) publishes work in all areas of theory, including new substantive theories, history of theory, metatheory, formal theory construction, and synthetic contributions ... The site contains detailed instructions on how to submit the manuscript and track the progression of the review process. ... ACKNOWLEDGMENT An early draft of this article was presented at the Zuckerman Conference at the Institute for Social and Economic Research and Policy at Columbia University. ...

doi:10.1177/0735275113489561 fatcat:tzyhzzenr5b7zpatlii4lqxxfm

Abstracting and Indexing Atlantis is indexed in the following Thomson Reuters services: ... was therefore within the bounds of respectability. ... They are a great defence against fools and against the half-educated, and against dons of all sorts (open and disguised). [...] Your first job is to get the tools for your work. ...

doi:10.28914/atlantis-2019-41.2.02 fatcat:cxqdxawqljguvhelgo27forwba

DOAJ OJS Szczepanski

Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors

Preserved Fulltext

Light-weight bounds checking

Preserved Fulltext

SoK: Eternal War in Memory

Preserved Fulltext

CAWDOR: Compiler Assisted Worm Defense

Preserved Fulltext

Towards Memory Safe Python Enclave for Security Sensitive Computation [article]

Preserved Fulltext

Protecting the stack with PACed canaries

Preserved Fulltext

SafeStack $$^+$$ : Enhanced Dual Stack to Combat Data-Flow Hijacking [chapter]

Preserved Fulltext

Hardware-Software Co-design for Practical Memory Safety

Preserved Fulltext

Compiler-based defenses against code execution attacks [article]

Preserved Fulltext

Theory and Practice in the Teaching of Composition: Processing, Distancing, and Modeling

Preserved Fulltext

The Next Generation Internet: a selection of contributions to the debate

Preserved Fulltext

King of the mountain: the nature of political leadership

Preserved Fulltext

Prometheus wired: the hope for democracy in the age of network technology

Preserved Fulltext

The Honored Outsider

Preserved Fulltext

Facework and Prosocial Teasing in a Synchronous Video Communication Exchange

Preserved Fulltext