Projects per year
Abstract
In low-level languages such as C, spatial and temporal safety errors (e.g. buffer overflows or dangling pointer dereferences) are hard to find and can cause security vulnerabilities. Modern high-level languages such as Java avoid these problems by running programs on a virtual machine that provides automated memory management.
In this paper we show how we can safely execute C code on top of a modern runtime (e.g., a Java Virtual Machine) by allocating all data on the managed heap. We reuse the memory management of the runtime, hence, we can ensure spatial and temporal safety with little effort. Nevertheless, we retain all characteristics that are typical for unsafe languages (such as pointer arithmetic, pointers into objects, or arbitrary type casts).We discuss how our approach complies with the C99 standard.
Compared to an optimized unsafe execution of a C program (compiled with the GNU C compiler and all optimizations enabled) our approach has overhead of 15% on average (peak-performance).
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 10th ACM Workshop on Programming Languages and Analysis for Security, PLAS 2015 |
| Publisher | ACM New York |
| Pages | 16-27 |
| Number of pages | 12 |
| ISBN (Electronic) | 9781450336611 |
| ISBN (Print) | 978-1-4503-3661-1 |
| DOIs | |
| Publication status | Published - 04 Jul 2015 |
Fields of science
- 102 Computer Sciences
- 102009 Computer simulation
- 102011 Formal languages
- 102013 Human-computer interaction
- 102022 Software development
- 102024 Usability research
- 102029 Practical computer science
JKU Focus areas
- Computation in Informatics and Mathematics
- Engineering and Natural Sciences (in general)
Projects
- 1 Active
-
Java VM Compiler Performance (Oracle)
Mössenböck, H. (PI)
01.01.2001 → 31.05.2026
Project: Contract research › Industry project