# CUP: Comprehensive User-Space Protection for C/C++

**Authors:** Nathan Burow, Derrick McKee, Scott A. Carr, Mathias Payer

arXiv: 1704.05004 · 2019-11-27

## TL;DR

CUP is an LLVM sanitizer that offers comprehensive spatial and probabilistic temporal memory safety for C/C++ programs on 64-bit architectures, covering all data types and system libraries, significantly reducing false negatives and eliminating false positives.

## Contribution

CUP introduces a hybrid metadata scheme supporting all program data and maintains ABI, providing complete user-space memory safety in C/C++ with improved accuracy over existing sanitizers.

## Key findings

- Reduces false negatives by 10x compared to existing sanitizers.
- Produces no false positives in testing.
- Supports all program data including globals, heap, and stack.

## Abstract

Memory corruption vulnerabilities in C/C++ applications enable attackers to execute code, change data, and leak information. Current memory sanitizers do no provide comprehensive coverage of a program's data. In particular, existing tools focus primarily on heap allocations with limited support for stack allocations and globals. Additionally, existing tools focus on the main executable with limited support for system libraries. Further, they suffer from both false positives and false negatives.   We present Comprehensive User-Space Protection for C/C++, CUP, an LLVM sanitizer that provides complete spatial and probabilistic temporal memory safety for C/C++ program on 64-bit architectures (with a prototype implementation for x86_64). CUP uses a hybrid metadata scheme that supports all program data including globals, heap, or stack and maintains the ABI. Compared to existing approaches with the NIST Juliet test suite, CUP reduces false negatives by 10x (0.1%) compared to the state of the art LLVM sanitizers, and produces no false positives. CUP instruments all user-space code, including libc and other system libraries, removing them from the trusted code base.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1704.05004/full.md

## Figures

1 figure with captions in the complete paper: https://tomesphere.com/paper/1704.05004/full.md

## References

44 references — full list in the complete paper: https://tomesphere.com/paper/1704.05004/full.md

---
Source: https://tomesphere.com/paper/1704.05004