C to checked C by 3c-Reference-Cited by-同舟云学术

C to checked C by 3c

Published:2022-04-29 Issue:OOPSLA1 Volume:6 Page:1-29
ISSN:2475-1421
Container-title:Proceedings of the ACM on Programming Languages
language:en
Short-container-title:Proc. ACM Program. Lang.

Author:

Machiry Aravind¹^ORCID,Kastner John²^ORCID,McCutchen Matt²^ORCID,Eline Aaron²^ORCID,Headley Kyle²^ORCID,Hicks Michael²^ORCID

Affiliation:

1. Purdue University, USA

2. Amazon, USA

Abstract

Owing to the continued use of C (and C++), spatial safety violations (e.g., buffer overflows) still constitute one of today's most dangerous and prevalent security vulnerabilities. To combat these violations, Checked C extends C with bounds-enforced checked pointer types. Checked C is essentially a gradually typed spatially safe C - checked pointers are backwards-binary compatible with legacy pointers, and the language allows them to be added piecemeal, rather than necessarily all at once, so that safety retrofitting can be incremental. This paper presents a semi-automated process for porting a legacy C program to Checked C. The process centers on 3C, a static analysis-based annotation tool. 3C employs two novel static analysis algorithms - typ3c and boun3c - to annotate legacy pointers as checked pointers, and to infer array bounds annotations for pointers that need them. 3C performs a root cause analysis to direct a human developer to code that should be refactored; once done, 3C can be re-run to infer further annotations (and updated root causes). Experiments on 11 programs totaling 319KLoC show 3C to be effective at inferring checked pointer types, and experience with previously and newly ported code finds 3C works well when combined with human-driven refactoring.

Publisher

Association for Computing Machinery (ACM)

Subject

Safety, Risk, Reliability and Quality,Software

Link

https://dl.acm.org/doi/pdf/10.1145/3527322

Reference50 articles.

1. 2021. C to rust translation refactoring and cross-checking. https://c2rust.com/ 2021. C to rust translation refactoring and cross-checking. https://c2rust.com/

2. NH Bingham . 1996. The sample mid-range and interquartiles. Statistics & probability letters, 27, 2 ( 1996 ), 131–136. NH Bingham. 1996. The sample mid-range and interquartiles. Statistics & probability letters, 27, 2 (1996), 131–136.

3. BlueHat. 2019. Memory corruption is still the most prevalent security vulnerability. https://www.zdnet.com/article/microsoft-70-percent-of-all-security-bugs-are-memory-safety-issues/ Accessed: 2020-02-11. BlueHat. 2019. Memory corruption is still the most prevalent security vulnerability. https://www.zdnet.com/article/microsoft-70-percent-of-all-security-bugs-are-memory-safety-issues/ Accessed: 2020-02-11.

4. Garbage collection in an uncooperative environment

5. Dependent Types for Low-Level Programming

Cited by 10 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Embedding Rust within Open MPI;Proceedings of the SC '23 Workshops of The International Conference on High Performance Computing, Network, Storage, and Analysis;2023-11-12

2. MIFP: Selective Fat-Pointer Bounds Compression for Accurate Bounds Checking;Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses;2023-10-16

3. Towards Rehosting Embedded Applications as Linux Applications;2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S);2023-06

4. TEEzz: Fuzzing Trusted Applications on COTS Android Devices;2023 IEEE Symposium on Security and Privacy (SP);2023-05

5. Improving Automatic C-to-Rust Translation with Static Analysis;2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion);2023-05