Memory safety

Memory safety is a concern in software development that aims to avoid software bugs that cause security vulnerabilities dealing with random-access memory (RAM) access, such as buffer overflows and dangling pointers.

Computer languages such as C and C++ that support arbitrary pointer arithmetic, casting, and deallocation are typically not memory safe. One way to find errors in such programs is to use special heap allocators that provide dead zones around heap-allocated storage and check that accesses do not reach into those dead zones. DieHard[1] does this by allocating each object in its own virtual memory page. Other tools, such as SoftBound[2] and CheckPointer[3], instrument the source code to collect and track the legitimate values for pointers ("metadata") and check each pointer access against that metadata for validity.

The Cyclone language uses a hybrid approach, including "fat pointers" (pointers that carry their metadata directly)[4] and regions[5] to give programmers some low-level control while still ensuring memory safety.

Most high-level programming languages avoid the problem by disallowing pointer arithmetic and casting entirely, and by enforcing tracing garbage collection as the sole memory management scheme.[citation needed]

A language could support even more uses of pointer arithmetic, casting, and deallocation without sacrificing memory safety by using automated theorem proving as a form of static code analysis. ESC/Java and D demonstrate two ways that programmers can declare their invariants in ways that can be understood by a theorem prover.[citation needed]

Security vulnerabilities

  • Dangling pointer - A pointer storing the address of an object that has been deleted.
  • Wild pointer - A pointer used before it has been initialized to some known state, which is possible in some programming languages. Wild pointers show the same erratic behaviour as dangling pointers, though they are less likely to stay undetected.
  • Buffer overflow - Out-of-bounds writes can corrupt the contents of objects already present on the heap.
  • Stack overflow - Similar to a buffer overflow, but affecting the stack.
  • Double free - A repeated call to free on an object that has already been freed can cause freelist-based allocators to fail.
  • Invalid free - Passing an invalid address to free can corrupt the heap or lead to undefined behavior.

Dangling pointer

A dangling pointer points to a memory location whose object has been freed.

e.g.
    int *a = new int;   // allocate an object
    int *b = a;         // b aliases the same object
    delete b;           // the object is freed through b

Here both 'a' and 'b' are now dangling pointers: each still holds the address of the freed object.
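The metadata-tracking approach of SoftBound, CheckPointer and Cyclone's fat pointers described above, applied to the dangling-pointer case just shown, as an added example (not code from the page or from any of those tools): a toy checked heap whose "fat pointers" carry a slot index, a generation counter and an offset, so that a stale access (dangling pointer or double free) is rejected as well as an out-of-bounds one. All names and the slot/generation scheme are ours.

```c
#include <stdlib.h>
#include <string.h>
/* Toy checked heap (added example, names are ours): each allocation
 * occupies a slot with a generation counter; a fat pointer carries the
 * slot, the generation it was issued for, and an offset into the object. */
#define SLOTS 8
enum { OK = 0, ERR_STALE = -1, ERR_BOUNDS = -2 };
struct slot { unsigned char *mem; size_t size; unsigned gen; int live; };
struct fatptr { int slot; unsigned gen; size_t off; };
static struct slot heap[SLOTS];

static struct fatptr checked_alloc(size_t size) {
    struct fatptr p = { -1, 0, 0 };          /* slot -1: allocation failed */
    for (int i = 0; i < SLOTS; i++) {
        if (heap[i].live) continue;
        heap[i].mem = calloc(size, 1);
        if (heap[i].mem == NULL) return p;
        heap[i].size = size;
        heap[i].live = 1;
        heap[i].gen++;                        /* new generation for this slot */
        p.slot = i;
        p.gen = heap[i].gen;
        return p;
    }
    return p;
}
/* Temporal check (live slot, matching generation), then spatial check. */
static int check(struct fatptr p, size_t len) {
    if (p.slot < 0 || p.slot >= SLOTS) return ERR_STALE;
    const struct slot *s = &heap[p.slot];
    if (!s->live || s->gen != p.gen) return ERR_STALE;   /* dangling / freed */
    if (p.off > s->size || len > s->size - p.off) return ERR_BOUNDS;
    return OK;
}
static int checked_write(struct fatptr p, const void *src, size_t len) {
    int rc = check(p, len);
    if (rc == OK) memcpy(heap[p.slot].mem + p.off, src, len);
    return rc;
}
static int checked_free(struct fatptr p) {
    int rc = check(p, 0);
    if (rc != OK) return rc;                  /* double free reports ERR_STALE */
    free(heap[p.slot].mem);
    heap[p.slot].mem = NULL;
    heap[p.slot].live = 0;
    return OK;
}
```

A pointer kept across a free and a later reuse of the same slot still fails the generation check, which is exactly the case the 'a' and 'b' fragment above leaves undetected.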

Buffer overflow

A buffer is a temporary data storage area. Buffer overflow is the most common way for an attacker outside the system to gain unauthorized access to the target system. A buffer overflow occurs when a program tries to store more data in a buffer than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. This allows an attacker to interfere with the existing process code. An attacker uses a buffer or stack overflow to do the following:

  • Overflow the input field, command line space, or input buffer.
  • Overwrite the current return address on the stack with the address of the attacking code.
  • Write a simple piece of code that the attacker wishes to execute.

E.g., consider the following program:

#include <stdio.h>
#include <string.h>   /* for strcpy */
#define ARRAY_SIZE 128
int main(int argc, char *argv[])
{
   char arr[ARRAY_SIZE];
   if(argc < 2)
       return -1;
   else
   {
       /* unbounded copy: an argument longer than ARRAY_SIZE - 1 overruns arr */
       strcpy(arr, argv[1]);
       return 0;
   }
}

As long as the length of the command-line argument is less than ARRAY_SIZE, the program works properly. If the argument is longer than ARRAY_SIZE, it does not: strcpy keeps copying until it encounters the null terminator (\0) or the program crashes. This program therefore suffers from the buffer overflow problem.

  • One solution to this problem is a feature that does not allow execution of code in the stack section of memory.[6]
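The same program with the copy bounded by the array size, as an added example that is not part of the original page: the argument is measured against the buffer first, including the room needed for the terminating '\0', and rejected with an error instead of being copied past the end of arr. The helper names copy_bounded and max_arg_len are ours.

```c
#include <stdio.h>
#include <string.h>

#define ARRAY_SIZE 128

/* Copy src into dst only if it fits together with its terminating '\0'.
 * Returns 0 on success; returns -1 and leaves dst as an empty string if
 * src is too long, so the caller never sees a partially copied value. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    /* Measure src while reading at most dst_size bytes of it, so an
     * over-long input costs a bounded scan and no unbounded read. */
    size_t n = 0;
    while (n < dst_size && src[n] != '\0')
        n++;
    if (n == dst_size) {            /* no room left for the terminator */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);        /* n characters plus the '\0' */
    return 0;
}

/* Longest argument the page's ARRAY_SIZE buffer can hold safely. */
size_t max_arg_len(void)
{
    return ARRAY_SIZE - 1;
}

/* Same program shape as the vulnerable listing, with the copy bounded. */
int main(int argc, char *argv[])
{
    char arr[ARRAY_SIZE];
    if (argc < 2)
        return -1;
    if (copy_bounded(arr, sizeof arr, argv[1]) != 0) {
        fprintf(stderr, "argument too long (max %zu bytes)\n", max_arg_len());
        return -1;
    }
    printf("copied %zu bytes\n", strlen(arr));
    return 0;
}
```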

Some programming languages are immune to buffer overflow: Perl automatically resizes arrays, and Ada95 detects and prevents buffer overflow.

References

  1. DieHard
  2. SoftBound
  3. CheckPointer
  4. Pointers
  5. Region based
  6. Operating System Concepts, 8th ed.



Wikimedia Foundation. 2010.
