SafeOSL: ensuring memory safety of C via ownership-based intermediate language
The unsafe features of C make it a big challenge to ensure memory safety of C programs, and often lead to memory errors that can result in vulnerabilities. Various formal verification techniques for ensuring memory safety of C have been proposed. However, most of them either have a high overhead, su...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2023
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/164130 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-164130 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1641302023-01-05T08:06:25Z SafeOSL: ensuring memory safety of C via ownership-based intermediate language Yin, Xiaohua Huang, Zhiqiu Kan, Shuanglong Shen, Guohua Chen, Zhe Liu, Yang Wang, Fei School of Computer Science and Engineering Engineering::Computer science and engineering Memory Errors Memory Safety The unsafe features of C make it a big challenge to ensure memory safety of C programs, and often lead to memory errors that can result in vulnerabilities. Various formal verification techniques for ensuring memory safety of C have been proposed. However, most of them either have a high overhead, such as state explosion problem in model checking, or have false positives, such as abstract interpretation. In this article, by innovatively borrowing ownership system from Rust, we propose a novel and sound static memory safety analysis approach, named SafeOSL. Its basic idea is an ownership-based intermediate language, called ownership system language (OSL), which captures the features of the ownership system in Rust. Ownership system specifies the relations among variables and memory locations, and maintains invariants that can ensure memory safety. The semantics of OSL is formalized in K-framework, which is a rewriting-logic based tool. C programs to be checked are first transformed into OSL programs and then detected by OSL semantics. Experimental results have demonstrated that SafeOSL is effective in detecting memory errors of C. Moreover, the translations and experiments indicate that the intermediate language OSL could be reused by other programming languages to detect memory errors. This work was supported by the National Natural Science Foundation of China (No. 61902180, 61772270, 62172217, U1533130), and National Key Research and Development Program of China (No. 2018YFB1003902). 2023-01-05T08:06:25Z 2023-01-05T08:06:25Z 2022 Journal Article Yin, X., Huang, Z., Kan, S., Shen, G., Chen, Z., Liu, Y. & Wang, F. (2022). SafeOSL: ensuring memory safety of C via ownership-based intermediate language. Software: Practice and Experience, 52(5), 1114-1142. https://dx.doi.org/10.1002/spe.3057 0038-0644 https://hdl.handle.net/10356/164130 10.1002/spe.3057 2-s2.0-85120477554 5 52 1114 1142 en Software: Practice and Experience © 2021 John Wiley & Sons, Ltd. All rights reserved. |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Computer science and engineering Memory Errors Memory Safety |
| spellingShingle |
Engineering::Computer science and engineering Memory Errors Memory Safety Yin, Xiaohua Huang, Zhiqiu Kan, Shuanglong Shen, Guohua Chen, Zhe Liu, Yang Wang, Fei SafeOSL: ensuring memory safety of C via ownership-based intermediate language |
| description |
The unsafe features of C make it a big challenge to ensure memory safety of C programs, and often lead to memory errors that can result in vulnerabilities. Various formal verification techniques for ensuring memory safety of C have been proposed. However, most of them either have a high overhead, such as state explosion problem in model checking, or have false positives, such as abstract interpretation. In this article, by innovatively borrowing ownership system from Rust, we propose a novel and sound static memory safety analysis approach, named SafeOSL. Its basic idea is an ownership-based intermediate language, called ownership system language (OSL), which captures the features of the ownership system in Rust. Ownership system specifies the relations among variables and memory locations, and maintains invariants that can ensure memory safety. The semantics of OSL is formalized in K-framework, which is a rewriting-logic based tool. C programs to be checked are first transformed into OSL programs and then detected by OSL semantics. Experimental results have demonstrated that SafeOSL is effective in detecting memory errors of C. Moreover, the translations and experiments indicate that the intermediate language OSL could be reused by other programming languages to detect memory errors. |
| author2 |
School of Computer Science and Engineering |
| author_facet |
School of Computer Science and Engineering Yin, Xiaohua Huang, Zhiqiu Kan, Shuanglong Shen, Guohua Chen, Zhe Liu, Yang Wang, Fei |
| format |
Article |
| author |
Yin, Xiaohua Huang, Zhiqiu Kan, Shuanglong Shen, Guohua Chen, Zhe Liu, Yang Wang, Fei |
| author_sort |
Yin, Xiaohua |
| title |
SafeOSL: ensuring memory safety of C via ownership-based intermediate language |
| title_short |
SafeOSL: ensuring memory safety of C via ownership-based intermediate language |
| title_full |
SafeOSL: ensuring memory safety of C via ownership-based intermediate language |
| title_fullStr |
SafeOSL: ensuring memory safety of C via ownership-based intermediate language |
| title_full_unstemmed |
SafeOSL: ensuring memory safety of C via ownership-based intermediate language |
| title_sort |
safeosl: ensuring memory safety of c via ownership-based intermediate language |
| publishDate |
2023 |
| url |
https://hdl.handle.net/10356/164130 |
| _version_ |
1754611267522265088 |