Programs written in type-unsafe languages such as C and C++ incur memory errors such as buffer overruns and dangling pointers that result in corrupted data structures, program crashes, and security vulnerabilities. Traditionally, memory corruptions are considered unrecoverable and all memory errors are considered equally destructive. In this talk, I present two approaches that challenge this view. I describe Exterminator and Samurai, runtime systems that take different approaches to detecting, correcting, and tolerating memory corruptions. In Exterminator (joint work with Emery Berger and Gene Novark), we detect and correct memory errors using three mechanisms: a randomized heap, a heap differencing algorithm, and a correcting memory allocator. We show that this technique is both efficient and effective at finding buffer overflows in large-scale applications, such as a Web browser.
In Samurai (joint work with Karthik Pattabiraman and Vinod Grover), we define a new memory model, critical memory, that allows programmers to reason locally about updates to their data in type-unsafe languages while at the same time maintaining compatibility with existing libraries and third-party code. Based on replication, Samurai provides new memory operations, critical load and critical store, whose effect dominates the effect of other program loads and stores. We demonstrate the effectiveness of this approach by protecting the metadata in an STL List implementation and a dynamic memory allocation library.
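As an added illustration of the critical-memory idea (not Samurai's own code), the sketch below keeps a piece of metadata in three replicas: a critical store updates every copy, a critical load takes the majority and repairs any disagreeing copy, so a stray ordinary store (for example from a buffer overrun) that lands on one replica is outvoted rather than believed. The replica count, the voting rule and the `critical_u32` type are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

#define REPLICAS 3

/* Constructed example: a critical value (say, a list length) is held in
   REPLICAS copies.  Ordinary stores may hit any single copy; critical stores
   write all copies, and critical loads return the majority, so one corrupted
   replica is detected and repaired.  Hypothetical sketch, not Samurai's code. */
typedef struct { uint32_t copy[REPLICAS]; } critical_u32;

/* Critical store: update every replica. */
void critical_store(critical_u32 *c, uint32_t v) {
    for (int i = 0; i < REPLICAS; i++) c->copy[i] = v;
}

/* Critical load: majority vote over the replicas, repairing any copy that
   disagrees.  Sets *repaired (if non-NULL) to the number of copies fixed.
   If all three copies differ there is no majority and copy[0] is returned. */
uint32_t critical_load(critical_u32 *c, int *repaired) {
    uint32_t v = c->copy[0];
    /* copy[0] wins unless copy[1] and copy[2] agree against it */
    if (c->copy[0] != c->copy[1] && c->copy[1] == c->copy[2]) v = c->copy[1];
    int fixed = 0;
    for (int i = 0; i < REPLICAS; i++)
        if (c->copy[i] != v) { c->copy[i] = v; fixed++; }
    if (repaired) *repaired = fixed;
    return v;
}

/* Simulate a stray non-critical write (such as a buffer overrun) landing on
   one replica, then return what a critical load yields afterwards. */
uint32_t demo_stray_write(int *repaired) {
    critical_u32 len;
    critical_store(&len, 42);
    len.copy[1] = 0xDEADBEEF;   /* bypasses the critical-store discipline */
    return critical_load(&len, repaired);
}

/* Number of replicas the critical load had to repair in the demo above. */
int demo_repairs(void) { int n = 0; demo_stray_write(&n); return n; }

int main(void) {
    int fixed;
    uint32_t v = demo_stray_write(&fixed);
    printf("critical load returned %u after repairing %d replica(s)\n", v, fixed);
    return 0;
}
```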
Publications describing this work are available from my website:
Ben Zorn is a Principal Researcher leading the Software Design and Implementation Group in Microsoft Research. After receiving a PhD in Computer Science from UC Berkeley in 1989, he served eight years on the Computer Science faculty at the University of Colorado in Boulder, receiving tenure and being promoted to Associate Professor in 1996. He left the University of Colorado in 1998 to become a Senior Researcher at Microsoft Research, where he currently works. Dr. Zorn's research interests include programming language design and implementation, reliability, fault tolerance, security, and performance. He has served as an Associate Editor of the ACM journals Transactions on Programming Languages and Systems and Transactions on Architecture and Code Optimization. He currently serves as a Member-at-Large of the ACM SIGPLAN Executive Committee. For more information, visit his web page: http://research.microsoft.com/~zorn/