Annual Computer Security Applications Conference (ACSAC) 2018

Full Program »

Type-after-Type: Practical and Complete Type-Safe Memory Reuse

Temporal memory errors, such as use-after-free bugs, are increasingly popular among attackers and their exploitation is hard to stop efficiently using current techniques. We present a new design, called Type-After-Type, which builds on abstractions in production allocators to provide complete temporal type safety for C/C++ programs—ensuring that memory reuse is always type safe—and efficiently hinder temporal memory attacks. Type-After-Type uses static analysis to determine the types of all heap and stack allocations, and replaces regular allocations with typed allocations that never reuse memory previously used by other types. On the heap, Type-After-Type splits available memory into separate pools for each type. For the stack, Type-After-Type efficiently implements type-safe memory reuse for the first time, pushing variables on separate stacks according to their types, unless they are provably safe (e.g., their address is not taken), in which case they are zero-initialized and kept on a special stack. In our evaluation, we show that Type-After-Type stops a variety of real-world temporal memory attacks and on SPEC CPU2006 incurs a performance overhead of 4.3% and a memory overhead of 21.3% (geomean).

Erik van der Kouwe
Leiden University
Netherlands

Taddeus Kroes
Vrije Universiteit Amsterdam
Netherlands

Chris Ouwehand
Vrije Universiteit Amsterdam
Netherlands

Herbert Bos
Vrije Universiteit Amsterdam
Netherlands

Cristiano Giuffrida
Vrije Universiteit Amsterdam
Netherlands

 



Powered by OpenConf®
Copyright©2002-2018 Zakon Group LLC