Memory Safety Seminar

The discussed papers are about weakly typed languages such as C and their impact on the security of programs written in those languages. Topics include: memory safety, programming languages, security, run-time systems, static analysis.

People

Sebastian Hack, Tina Jung, Fabian Ritter

Organization

Language: English
Participants: 12 / 12 (seats taken / maximum seats)
Waiting list: 6 (please attend the Preparatory Meeting)
Preparatory Meeting: Friday, 13.04.18, 14:00 c.t., E1.3 room 401
Weekly Meeting: Fridays, 14:00 c.t., E1.3 room 401
Prerequisites: Preferably, you have taken part in the compiler construction or security course.
Topics: Papers from programming languages, security, program analysis

Registration

Send an email to Tina Jung by Wednesday, 11.04.18. This email should include:

  1. full name
  2. semester
  3. major
  4. matriculation number

Note that you still have to register for the seminar in the LSF by May 06th to get a certificate for the seminar.

Modus Operandi

A paper will be assigned to each participant. We will have weekly meetings during the semester in which we will discuss one of the assigned papers. The discussion will be managed by the student to whom the paper was assigned. She/he is responsible for giving a short summary of the paper and for structuring the following discussion.

Weekly Summaries

Every week each student has to write a plain text summary (max. 500 words) on the week's paper. This summary should include open questions and is to be submitted to Tina Jung three days before the corresponding meeting (23:59).

The submitted files must follow the naming scheme:

<two-digit-paper-number>_<matriculation-number>.txt

The summaries of all participants will be made available and can be used by the moderator to structure the discussion in the following meeting.

Each participant is allowed to drop two summaries without any particular reason. In case you drop a summary, please send a short mail saying so.

Final Talks

At the end of the semester each participant will give a 30-minute presentation (25 min talk + 5 min questions) about her/his paper.

Dates

Sessions

Date      Moderator                             Paper
April 20  Kallistos Weis                        Backwards-compatible bounds checking for arrays and pointers in C programs
April 27  Matthis Kruse                         CETS: Compiler-Enforced Temporal Safety for C
May 04    Florena Florena Raja                  Cyclone: A Safe Dialect of C
May 11    No Meeting
May 18    Simon Engel                           CCured: type-safe retrofitting of legacy software
May 25    Guillermo Alberto Aguilar Echavarria  Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors
June 01   No Meeting
June 08   No Meeting
June 15   Evgeniya Khasina                      Heap bounds protection with low fat pointers
June 22   Bakhtiar Ali Shah                     Control-Flow Integrity
June 29   Stefan Oswald                         Practical memory checking with Dr. Memory
July 06   Philip Bruno Gebel                    DangSan: Scalable Use-after-free Detection
July 13   No Meeting
July 20   No Meeting

Final Talks

Date                     Speaker
13th Aug. 10:00 - 10:30  Kallistos Weis
13th Aug. 10:30 - 11:00  Guillermo Alberto Aguilar Echavarria
13th Aug. 11:00 - 11:30  Evgeniya Khasina
13th Aug. 11:30 - 13:00  Lunch Break
13th Aug. 13:00 - 13:30  Matthis Kruse
13th Aug. 13:30 - 14:00  Philip Bruno Gebel
14th Aug. 10:30 - 11:00  Florena Florena Raja
14th Aug. 11:00 - 11:30  Simon Engel
14th Aug. 11:30 - 13:00  Lunch Break
14th Aug. 13:00 - 13:30  Bakhtiar Ali Shah
14th Aug. 13:30 - 14:00  Stefan Oswald

Papers

All papers are available from the university network (how to connect to the university network from home).

    Holistic Approaches

  1. T. Jim, G. Morrisett, D. Grossman, M. Hicks, J. Cheney, Y. Wang:
    Cyclone: A Safe Dialect of C
  2. G.C. Necula, J. Condit, M. Harren, S. McPeak, W. Weimer:
    CCured: type-safe retrofitting of legacy software
  3. D. Bruening, Q. Zhao:
    Practical memory checking with Dr. Memory

    Software Approaches for Spatial Memory Safety

  5. P. Akritidis, M. Costa, M. Castro, S. Hand:
    Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors
  6. G.J. Duck, R.H.C. Yap:
    Heap bounds protection with low fat pointers
  7. H. Nazare, I. Maffra, W. Santos, L. Barbosa, L. Gonnord, F.M.Q. Pereira:
    Validation of memory accesses through symbolic analyses
  8. R. Bodik, R. Gupta, V. Sarkar:
    ABCD: eliminating array bounds checks on demand
  9. D. Ye, Y. Su, Y. Sui, J. Xue:
    WPBOUND: Enforcing Spatial Memory Safety Efficiently at Runtime with Weakest Preconditions
  10. R.W.M. Jones, P.H.J. Kelly:
    Backwards-compatible bounds checking for arrays and pointers in C programs
  11. D. Dhurjati, V. Adve:
    Backwards-compatible array bounds checking for C with very low overhead
  12. S. Nagarakatte, J. Zhao, M.M.K. Martin, S. Zdancewic:
    SoftBound: highly compatible and complete spatial memory safety for C
  13. M. Abadi, M. Budiu, U. Erlingsson, J. Ligatti:
    Control-Flow Integrity

    Software Approaches for Temporal Memory Safety

  15. E. van der Kouwe, V. Nigade, C. Giuffrida:
    DangSan: Scalable Use-after-free Detection
  16. S. Nagarakatte, J. Zhao, M.M.K. Martin, S. Zdancewic:
    CETS: Compiler-Enforced Temporal Safety for C

    Hardware Approaches

  18. J. Woodruff, R.N.M. Watson, D. Chisnall, S.W. Moore, J. Anderson, B. Davis, B. Laurie, P.G. Neumann, R. Norton, M. Roe:
    The CHERI capability model: revisiting RISC in an age of risk
  19. S. Nagarakatte, M.M.K. Martin, S. Zdancewic:
    WatchdogLite: Hardware-Accelerated Compiler-Based Pointer Checking
  20. O. Oleksenko, D. Kuvaiskii, P. Bhatotia, P. Felber, C. Fetzer:
    Intel MPX Explained: An Empirical Study of Intel MPX and Software-based Bounds Checking Approaches