Presentation is loading. Please wait.

Presentation is loading. Please wait.

CCured in the Real World Jeremy ConditMatthew Harren Scott McPeakGeorge Necula Westley Weimer OSQ Retreat May 14, 2003.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CCured in the Real World Jeremy ConditMatthew Harren Scott McPeakGeorge Necula Westley Weimer OSQ Retreat May 14, 2003."— Presentation transcript:

1 CCured in the Real World Jeremy ConditMatthew Harren Scott McPeakGeorge Necula Westley Weimer OSQ Retreat May 14, 2003

2 CCured Review  What: Guarantee memory safety in (legacy) C programs  Why: Useful for debugging, security  How: Static analysis + runtime checks. –Add bounds information, other metadata to each pointer

3 New Features 1. Physical subtyping: struct {char*; int}* <: struct {char*}* 2. Runtime Type Information for checked downcasts. 3. Split representation of metadata allows interoperability with precompiled libraries.

4 Experiments  Benchmark suites: SPEC95, Olden, Ptrdist –Less than 87% slowdown in all cases –Less than 20% slowdown in half of the cases –Purify and Valgrind have slowdown factor of 5- 120  Minimal slowdown on I/O-bound applications –Linux kernel modules, Apache modules  Cured many security-critical applications –Includes: sendmail, bind, ftpd, OpenSSL/SSH –Can prevent known security flaws –Can be used in production environments

Download ppt "CCured in the Real World Jeremy ConditMatthew Harren Scott McPeakGeorge Necula Westley Weimer OSQ Retreat May 14, 2003."

Similar presentations

HardBound: Architectural Support for Spatial Safety of the C Programming Language Joe Devietti *, Colin Blundell, Milo Martin, Steve Zdancewic * University.

HardBound: Architectural Support for Spatial Safety of the C Programming Language Joe Devietti *, Colin Blundell, Milo Martin, Steve Zdancewic * University.
The Interface Definition Language for Fail-Safe C Kohei Suenaga, Yutaka Oiwa, Eijiro Sumii, Akinori Yonezawa University of Tokyko.

The Interface Definition Language for Fail-Safe C Kohei Suenaga, Yutaka Oiwa, Eijiro Sumii, Akinori Yonezawa University of Tokyko.
Portability and Safety Mahdi Milani Fard Dec, 2006 Java.

Portability and Safety Mahdi Milani Fard Dec, 2006 Java.
Capriccio: Scalable Threads for Internet Services Rob von Behren, Jeremy Condit, Feng Zhou, Geroge Necula and Eric Brewer University of California at Berkeley.

Capriccio: Scalable Threads for Internet Services Rob von Behren, Jeremy Condit, Feng Zhou, Geroge Necula and Eric Brewer University of California at Berkeley.
Two alternatives of C: Cyclone and Vault Keami Hung February 01, 2007.

Two alternatives of C: Cyclone and Vault Keami Hung February 01, 2007.
INF 212 ANALYSIS OF PROG. LANGS Type Systems Instructors: Crista Lopes Copyright © Instructors.

INF 212 ANALYSIS OF PROG. LANGS Type Systems Instructors: Crista Lopes Copyright © Instructors.
Coolaid: Debugging Compilers with Untrusted Code Verification Bor-Yuh Evan Chang with George Necula, Robert Schneck, and Kun Gao May 14, 2003 OSQ Retreat.

Coolaid: Debugging Compilers with Untrusted Code Verification Bor-Yuh Evan Chang with George Necula, Robert Schneck, and Kun Gao May 14, 2003 OSQ Retreat.
SAFECode SAFECode: Enforcing Alias Analysis for Weakly Typed Languages Dinakar Dhurjati University of Illinois at Urbana-Champaign Joint work with Sumant.

SAFECode SAFECode: Enforcing Alias Analysis for Weakly Typed Languages Dinakar Dhurjati University of Illinois at Urbana-Champaign Joint work with Sumant.
Korey Breshears. Overview  What are automated security tools?  Why do we need them?  What types of tools are there?  What problems do these tools.

Korey Breshears. Overview  What are automated security tools?  Why do we need them?  What types of tools are there?  What problems do these tools.
Introduction The Approach ’ s Overview A Language of Pointers The Type System Operational Semantics Type Safety Type Inference The Rest of C Experiments.

Introduction The Approach ’ s Overview A Language of Pointers The Type System Operational Semantics Type Safety Type Inference The Rest of C Experiments.
Strength Through Typing: A more powerful dependently-typed assembly language Matt Harren George Necula OSQ 2004.

Strength Through Typing: A more powerful dependently-typed assembly language Matt Harren George Necula OSQ 2004.
Type-Safe Programming in C George Necula EECS Department University of California, Berkeley.

Type-Safe Programming in C George Necula EECS Department University of California, Berkeley.
Capriccio: Scalable Threads for Internet Services Rob von Behren, Jeremy Condit, Feng Zhou, Geroge Necula and Eric Brewer University of California at Berkeley.

Capriccio: Scalable Threads for Internet Services Rob von Behren, Jeremy Condit, Feng Zhou, Geroge Necula and Eric Brewer University of California at Berkeley.
Data Modeling for Program Analysis Scott McPeak OSQ Retreat.

Data Modeling for Program Analysis Scott McPeak OSQ Retreat.
CIL: Infrastructure for C Program Analysis and Transformation George C. Necula, Scott McPeak, S. P. Rahul, Westley Weimer

CIL: Infrastructure for C Program Analysis and Transformation George C. Necula, Scott McPeak, S. P. Rahul, Westley Weimer
Region-Based Memory Management in Cyclone Dan Grossman Cornell University June 2002 Joint work with: Greg Morrisett, Trevor Jim (AT&T), Michael Hicks,

Region-Based Memory Management in Cyclone Dan Grossman Cornell University June 2002 Joint work with: Greg Morrisett, Trevor Jim (AT&T), Michael Hicks,
Run-Time Error Handling Wes Weimer, George Necula.

Run-Time Error Handling Wes Weimer, George Necula.
By: Bryan Dixon.  Performance  Explicit Memory Management  Fine-grained control over assembly level data representation.

By: Bryan Dixon.  Performance  Explicit Memory Management  Fine-grained control over assembly level data representation.
U NIVERSITY OF M ASSACHUSETTS A MHERST Department of Computer Science PLDI 2006 DieHard: Probabilistic Memory Safety for Unsafe Programming Languages Emery.

U NIVERSITY OF M ASSACHUSETTS A MHERST Department of Computer Science PLDI 2006 DieHard: Probabilistic Memory Safety for Unsafe Programming Languages Emery.
HARDBOUND: ARCHITECURAL SUPPORT FOR SPATIAL SAFETY OF THE C PROGRAMMING LANGUAGE Kyle Yan Yu Xing 2014/10/15.

HARDBOUND: ARCHITECURAL SUPPORT FOR SPATIAL SAFETY OF THE C PROGRAMMING LANGUAGE Kyle Yan Yu Xing 2014/10/15.

Similar presentations

Ads by Google