Static Analysis To Improve Compiler Sanitization

Software security problems in inherently unsafe languages (C/C++) can be addressed by compiler tools that automatically insert checks that trap execution when exploitable faults are encountered at runtime. Such checks are seldom incorporated in production code because of the performance cost they impose, as the check injection to ensure safety is applied indiscriminately to every memory access. Our lab has developed static analysis methods to eliminate runtime checks that can be proven to be unnecessary. The benefit of this is to reduce overhead, improving security of running code at reasonable performance cost. In the current work we present results with benchmark programs that demonstrate the promise of this approach. Using the static analysis frameworks frama-C and CodeSurfer, variables value constraints and code dependency traces are converted to annotations inserted in the source code. Customized LLVM compiler passes incorporate these annotations into variable-attached metadata. During passes that insert runtime security checks, this metadata validates skipping check insertion in instances where the variable value has been proven to be safe. The LLVM compiler “safecode” pass which provides memory safety has so far proved only partially successful; improvements in this pass may manifest in the next iteration of our software. The LLVM compiler “integer overflow” pass exhibited excellent improvement in most of the benchmarks tested. In several benchmarks, over 80% of the runtime performance overhead due to these security checks was mitigated by our optimization protocol. Removal os “address sanitization” checks was also generally successful, delivering mitigation of more than 50% of the checks-imposed overhead for several benchmarks. The safety checks we studied can effectively elimnate vulnerabilities due to buffer overflow, integer overflow, and use-after-free scenarios. Our protocol greatly enhances the usability of these compiler-generated runtime protections.