Abstract: C is widely used in the development of embedded software and system software. It gives the programmer direct control over low-level memory but performs no checks on the safety of memory accesses, so a C program may suffer memory safety errors at runtime. Developers currently try to address memory safety errors with a variety of verification techniques, the most widely used of which is runtime verification. This paper first analyzes the memory safety errors commonly found in C programs, then introduces several related memory analysis techniques, and finally introduces and compares several commonly used memory safety detection tools for C programs, providing a directional reference for subsequent research.
Keywords: C program; memory error; runtime verification; AddressSanitizer; Movec
DOI:10.19850/j.cnki.2096-4706.2021.23.022
Funding: National Natural Science Foundation of China, Research on Formal Verification Techniques for the Software Reliability of Avionics Systems (U1533130)
CLC number: TP311 Document code: A Article ID: 2096-4706(2021)23-0084-04
Overview of C Language Memory Safety Runtime Verification Technology
ZHANG Qi, LIU Yichen
(College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, China)
Abstract: The C language is widely used in the development of embedded software and system software. It provides direct control over low-level memory but lacks checks on the safety of memory accesses, so memory safety errors can occur while C programs run. At present, developers strive to solve memory safety errors through a variety of verification techniques, of which runtime verification is the most commonly used. This paper first analyzes common memory safety errors in C programs, then introduces several related memory analysis techniques, and finally introduces and compares several commonly used memory safety detection tools for C programs. It provides a directional reference for subsequent research work.
Keywords: C program; memory error; runtime verification; AddressSanitizer; Movec
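As an added illustration (not code from the paper or from any of the tools it surveys), the following C program shows two of the error classes the abstract refers to, an out-of-bounds write and a use-after-free, together with the kind of per-object metadata check that a runtime verification tool inserts before each memory access. The `checked_buf` type, its functions and the 10-character input string are constructed for this example; real tools such as AddressSanitizer add equivalent instrumentation automatically at compile time rather than requiring source changes.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example: a buffer handle that carries the bounds and liveness
 * metadata a plain C pointer lacks. Runtime verifiers keep similar metadata
 * (shadow memory, fat pointers) and consult it before every access. */
typedef struct {
    unsigned char *base;
    size_t len;
    int alive;  /* cleared by checked_free, so accesses after free are caught */
} checked_buf;

typedef enum { CHK_OK = 0, CHK_OUT_OF_BOUNDS = 1, CHK_USE_AFTER_FREE = 2 } chk_status;

checked_buf checked_alloc(size_t len) {
    checked_buf b;
    b.base = (unsigned char *)calloc(len, 1);
    b.len = (b.base != NULL) ? len : 0;
    b.alive = (b.base != NULL);
    return b;
}

void checked_free(checked_buf *b) {
    free(b->base);
    b->base = NULL;
    b->len = 0;
    b->alive = 0;
}

/* Temporal check (is the object still live?) then spatial check (is the index
 * inside the object?) before touching memory; a violation is reported instead
 * of silently corrupting the heap. */
chk_status checked_write(checked_buf *b, size_t idx, unsigned char v) {
    if (!b->alive) return CHK_USE_AFTER_FREE;
    if (idx >= b->len) return CHK_OUT_OF_BOUNDS;
    b->base[idx] = v;
    return CHK_OK;
}

chk_status checked_read(const checked_buf *b, size_t idx, unsigned char *out) {
    if (!b->alive) return CHK_USE_AFTER_FREE;
    if (idx >= b->len) return CHK_OUT_OF_BOUNDS;
    *out = b->base[idx];
    return CHK_OK;
}

/* Scenario 1: copying an 11-byte string (constructed input, 10 characters plus
 * the terminating NUL) into an 8-byte buffer. Unchecked, the loop would write
 * past the allocation; here the first rejected index (8) is returned. */
int demo_overflow_index(void) {
    const char *input = "0123456789";
    checked_buf b = checked_alloc(8);
    int first_bad = -1;
    for (size_t i = 0; i <= strlen(input); i++) {
        if (checked_write(&b, i, (unsigned char)input[i]) != CHK_OK) {
            first_bad = (int)i;
            break;
        }
    }
    checked_free(&b);
    return first_bad;
}

/* Scenario 2: a write through a handle whose memory was already released. */
chk_status demo_use_after_free(void) {
    checked_buf b = checked_alloc(4);
    checked_free(&b);
    return checked_write(&b, 0, 'x');
}

/* Scenario 3: an in-bounds round trip, showing the checks do not reject valid use. */
int demo_valid_roundtrip(void) {
    checked_buf b = checked_alloc(4);
    unsigned char out = 0;
    chk_status s1 = checked_write(&b, 3, 0x5A);
    chk_status s2 = checked_read(&b, 3, &out);
    checked_free(&b);
    return (s1 == CHK_OK && s2 == CHK_OK) ? (int)out : -1;
}

int main(void) {
    printf("overflow first rejected at index %d\n", demo_overflow_index());
    printf("use-after-free status %d (2 = CHK_USE_AFTER_FREE)\n", demo_use_after_free());
    printf("valid round trip returned 0x%02X\n", demo_valid_roundtrip());
    return 0;
}
```

Build with `cc -std=c99 demo.c` and run it. The same three scenarios written with raw pointers, compiled with `-fsanitize=address` on gcc or clang, are reported by AddressSanitizer as a heap-buffer-overflow and a heap-use-after-free at the first bad access, which is the behaviour the manual checks above reproduce in miniature.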
About the authors: Zhang Qi (b. 1992), male, Han nationality, from Lianyungang, Jiangsu; master's student; main research interest: software verification. Liu Yichen (b. 1999), male, Han nationality, from Xingtai, Hebei; master's student; main research interest: software verification.