Securing C Programs by Dynamic Type Checking
Flexible features of C can be misused and result in potential vulnerabilities which are hard to detect by performing only static checking. Existing tools either give up run-time type checking or employ a type system whose granularity is too coarse (it does not differentiate between pointer types) so that many errors may go undetected. This paper presents a dynamic checking approach to conquer them. A type system that is based on the physical layout of data types and has the proper granularity has been employed. Rules for propagating dynamic types and checking for compatibility of types during execution of the target program are also set up. Then a model of dynamic type checking on this type system to capture run-time type errors is built. Experimental results show that it can catch most errors, including those may become system vulnerabilities and the overhead is moderate.
KeywordsType System Program Element Active Member Ground Type Dynamic Type
Unable to display preview. Download preview PDF.
- 4.Seward, J.: Valgrind, an open-source memory debugger for x86-GNU/Linux. Technical report (2003), http://valgrind.kde.org/
- 5.Burrows, M., Freund, S., Wiener, J.: Run-time type checking for binary programs. In: International Conference on Compiler Construction (2003)Google Scholar
- 7.Hasting, R., Joyce, B.: Purify: fast detection of memory leaks and access errors. In: Proceedings of the Winter USENIX Conference (1992)Google Scholar
- 8.Chandra, S., Reps, T.: Physical type checking for C. In: Proceedings of the ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering. Software Engineering Notes (SEN), vol. 24(5), pp. 66–75 (1999)Google Scholar
- 9.Shankar, U., Talwar, K., Foster, J.S., Wagner, D.: Automated Detection of Format-String Vulnerabilities Using Type Qualifiers. In: Proceedings of the 10th USENIX Security Symposium, Washington, DC (2001)Google Scholar