Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model

Manuel Rigger; Roland Schatz; Rene Mayrhofer; Matthias Grimmer; Hanspeter Mössenböck

doi:10.1145/3173162.3173174

Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model

Manuel Rigger
, Roland Schatz
, Rene Mayrhofer
, Matthias Grimmer
, Hanspeter Mössenböck

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

Abstract

In C, memory errors, such as buffer overflows, are among the most dangerous software errors; as we show, they are still on the rise. Current dynamic bug-finding tools that try to detect such errors are based on the low-level execution model of the underlying machine. They insert additional checks in an adhoc fashion, which makes them prone to omitting checks for corner cases. To address this, we devised a novel approach to finding bugs during the execution of a program. At the core of this approach is an interpreter written in a high-level language that performs automatic checks (such as bounds, NULL, and type checks). By mapping data structures in C to those of the high-level language, accesses are automatically checked and bugs discovered. We have implemented this approach and show that our tool (called Safe Sulong) can find bugs that state-of-the-art tools overlook, such as out-of-bounds accesses to the main function arguments.

Original language	English
Title of host publication	Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems
Place of Publication	New York
Publisher	ACM
Pages	377-391
Number of pages	15
ISBN (Print)	978-1-4503-4911-6
DOIs	https://doi.org/10.1145/3173162.3173174
Publication status	Published - 2018

Fields of science

102 Computer Sciences
102016 IT security

JKU Focus areas

Engineering and Natural Sciences (in general)

Access to Document

10.1145/3173162.3173174

Cite this

Rigger, M., Schatz, R., Mayrhofer, R., Grimmer, M., & Mössenböck, H. (2018). Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model. In Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems (pp. 377-391). ACM. https://doi.org/10.1145/3173162.3173174

@inproceedings{e2eb83dce5a34e7eaa430714f795bd85,

title = "Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model",

abstract = "In C, memory errors, such as buffer overflows, are among the most dangerous software errors; as we show, they are still on the rise. Current dynamic bug-finding tools that try to detect such errors are based on the low-level execution model of the underlying machine. They insert additional checks in an adhoc fashion, which makes them prone to omitting checks for corner cases. To address this, we devised a novel approach to finding bugs during the execution of a program. At the core of this approach is an interpreter written in a high-level language that performs automatic checks (such as bounds, NULL, and type checks). By mapping data structures in C to those of the high-level language, accesses are automatically checked and bugs discovered. We have implemented this approach and show that our tool (called Safe Sulong) can find bugs that state-of-the-art tools overlook, such as out-of-bounds accesses to the main function arguments.",

author = "Manuel Rigger and Roland Schatz and Rene Mayrhofer and Matthias Grimmer and Hanspeter M{\"o}ssenb{\"o}ck",

year = "2018",

doi = "10.1145/3173162.3173174",

language = "English",

isbn = "978-1-4503-4911-6",

pages = "377--391",

booktitle = "Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems",

publisher = "ACM",

}

Rigger, M, Schatz, R, Mayrhofer, R, Grimmer, M & Mössenböck, H 2018, Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model. in Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems. ACM, New York, pp. 377-391. https://doi.org/10.1145/3173162.3173174

Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model. / Rigger, Manuel; Schatz, Roland; Mayrhofer, Rene et al.
Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems. New York: ACM, 2018. p. 377-391.

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

TY - GEN

T1 - Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model

AU - Rigger, Manuel

AU - Schatz, Roland

AU - Mayrhofer, Rene

AU - Grimmer, Matthias

AU - Mössenböck, Hanspeter

PY - 2018

Y1 - 2018

N2 - In C, memory errors, such as buffer overflows, are among the most dangerous software errors; as we show, they are still on the rise. Current dynamic bug-finding tools that try to detect such errors are based on the low-level execution model of the underlying machine. They insert additional checks in an adhoc fashion, which makes them prone to omitting checks for corner cases. To address this, we devised a novel approach to finding bugs during the execution of a program. At the core of this approach is an interpreter written in a high-level language that performs automatic checks (such as bounds, NULL, and type checks). By mapping data structures in C to those of the high-level language, accesses are automatically checked and bugs discovered. We have implemented this approach and show that our tool (called Safe Sulong) can find bugs that state-of-the-art tools overlook, such as out-of-bounds accesses to the main function arguments.

AB - In C, memory errors, such as buffer overflows, are among the most dangerous software errors; as we show, they are still on the rise. Current dynamic bug-finding tools that try to detect such errors are based on the low-level execution model of the underlying machine. They insert additional checks in an adhoc fashion, which makes them prone to omitting checks for corner cases. To address this, we devised a novel approach to finding bugs during the execution of a program. At the core of this approach is an interpreter written in a high-level language that performs automatic checks (such as bounds, NULL, and type checks). By mapping data structures in C to those of the high-level language, accesses are automatically checked and bugs discovered. We have implemented this approach and show that our tool (called Safe Sulong) can find bugs that state-of-the-art tools overlook, such as out-of-bounds accesses to the main function arguments.

U2 - 10.1145/3173162.3173174

DO - 10.1145/3173162.3173174

M3 - Conference proceedings

SN - 978-1-4503-4911-6

SP - 377

EP - 391

BT - Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems

PB - ACM

CY - New York

ER -