SMA: Eliminate Memory Spatial Errors via Saturation Memory Access
Memory spatial error, i.e., buffer overflow, has been a well-known issue in computer security for a long time and remains one of the root causes of exploitable vulnerabilities. Existing tools focus on the detection of memory spatial errors and prevent intrusion by terminating the execution of the victim program. However, such tools cannot eliminate the vulnerabilities without patching the program. Unfortunately, in the increasingly popular embedded environment, deploying patches becomes harder because of the enormous number of devices. The limited resources of the embedded environment also prevent many existing tools from being used in the real world. This paper proposes Saturation Memory Access (SMA), a memory spatial error elimination tool that prevents out-of-bounds access without terminating the execution of a program. We use a tagged pointer scheme to store the boundary metadata of a memory object in the pointer itself, and correct the address to the object boundary upon detecting an out-of-bounds access. This method is based on a key observation: developers generally do not rely on out-of-bounds access to implement program logic, so correcting the address does not interfere with the execution of the program. We have implemented a prototype of SMA on LLVM 4.0.1 with two pointer encoding schemes designed for different tradeoffs between performance and memory usage. Experiments show that our prototype can stop nearly all attack forms in the RIPE benchmark and incurs 64%-84% overhead on SPEC CPU2017.
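The following C program is an added illustration of the saturation idea described in the abstract; it is not code from the SMA paper or its LLVM prototype, and the pointer layout it uses (a 32-bit signed address, a 16-bit object base and a 16-bit object size packed into one 64-bit word over a small simulated arena) is a constructed toy encoding, not either of the two real SMA encoding schemes, which the abstract does not describe. It shows the two pieces the abstract names: bounds metadata that travels inside the pointer and survives pointer arithmetic, and a dereference that clamps an out-of-bounds address back to the object boundary instead of aborting, so a classic over-long copy stays inside its own buffer and the neighbouring object is untouched.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy encoding (assumption, not SMA's real layout):
 *   bits  0..31  signed address inside the simulated arena
 *   bits 32..47  object base
 *   bits 48..63  object size
 * Because the bounds live in the pointer word, every copy of the pointer,
 * including ones produced by arithmetic, carries its own metadata. */
typedef uint64_t sma_ptr;

#define ARENA_SIZE 4096
static uint8_t arena[ARENA_SIZE];   /* simulated heap, constructed for the demo */
static uint16_t next_free = 0;      /* toy bump allocator cursor */

static sma_ptr sma_encode(int32_t addr, uint16_t base, uint16_t size) {
    return (uint64_t)(uint32_t)addr | ((uint64_t)base << 32) | ((uint64_t)size << 48);
}
static int32_t  sma_addr(sma_ptr p) { return (int32_t)(uint32_t)(p & 0xFFFFFFFFu); }
static uint16_t sma_base(sma_ptr p) { return (uint16_t)((p >> 32) & 0xFFFFu); }
static uint16_t sma_size(sma_ptr p) { return (uint16_t)((p >> 48) & 0xFFFFu); }

/* Allocate an object and hand back a tagged pointer whose bounds cover exactly it. */
static sma_ptr sma_alloc(uint16_t size) {
    uint16_t base = next_free;
    next_free = (uint16_t)(next_free + size);
    return sma_encode(base, base, size);
}

/* Pointer arithmetic updates only the address field; the bounds are preserved. */
static sma_ptr sma_add(sma_ptr p, int32_t delta) {
    return sma_encode(sma_addr(p) + delta, sma_base(p), sma_size(p));
}

/* The saturation step: an address outside [base, base+size-1] is pulled back
 * to the nearest boundary rather than causing a fault or a silent corruption. */
static int32_t sma_clamp(sma_ptr p) {
    int32_t addr = sma_addr(p);
    int32_t base = sma_base(p);
    int32_t last = base + sma_size(p) - 1;
    if (addr < base) return base;
    if (addr > last) return last;
    return addr;
}

static uint8_t sma_load8(sma_ptr p)            { return arena[sma_clamp(p)]; }
static void    sma_store8(sma_ptr p, uint8_t v) { arena[sma_clamp(p)] = v; }

/* Simulates a 16-byte copy into an 8-byte buffer that sits directly before
 * another object. Returns 1 when the overflow was saturated inside the first
 * object and the neighbour is intact, 0 otherwise. */
int demo_overflow_contained(void) {
    memset(arena, 0, sizeof arena);
    next_free = 0;
    sma_ptr buf       = sma_alloc(8);
    sma_ptr neighbour = sma_alloc(8);
    for (int i = 0; i < 8; i++) sma_store8(sma_add(neighbour, i), 'N');

    const char *payload = "AAAAAAAABBBBBBBB";   /* constructed over-long input */
    for (int i = 0; i < 16; i++) sma_store8(sma_add(buf, i), (uint8_t)payload[i]);

    /* Bytes 8..15 were all redirected to buf[7], so the final write wins there. */
    int buf_ok = sma_load8(sma_add(buf, 7)) == 'B';
    int neighbour_ok = 1;
    for (int i = 0; i < 8; i++)
        if (sma_load8(sma_add(neighbour, i)) != 'N') neighbour_ok = 0;
    return buf_ok && neighbour_ok;
}

int main(void) {
    printf("overflow contained: %s\n", demo_overflow_contained() ? "yes" : "no");
    printf("clamp(200 in [96,103]) = %d\n", (int)sma_clamp(sma_encode(200, 96, 8)));
    return 0;
}
```

The demo deliberately models the abstract's key observation: the over-long copy does not crash and the program continues, but no byte lands outside the object the pointer was derived from. A real implementation has to perform this clamp on every load and store through instrumented pointers, which is where the reported 64%-84% overhead comes from.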