Context-aware Failure-oblivious Computing as a Means of Preventing Buffer Overflows
Manuel Rigger, Daniel Pekarek, Hanspeter Mössenböck

TL;DR
This paper proposes a novel method for handling buffer overflows in C programs by using context-aware, failure-oblivious computing techniques that prevent program termination and improve system availability.
Contribution
It introduces a continuation-based approach utilizing buffer introspection, compatible with existing tools like AddressSanitizer and SoftBound, to handle overflows without aborting execution.
Findings
Effective in real-world bug scenarios
Low performance overhead with bounds-tracking tools
Compatible with popular bug mitigation tools
Abstract
In languages like C, buffer overflows are widespread. A common mitigation technique is to use tools that detect them during execution and abort the program to prevent the leakage of data or the diversion of control flow. However, for server applications, it would be desirable to prevent such errors while maintaining availability of the system. To this end, we present an approach to handle buffer overflows without aborting the program. This approach involves implementing a continuation logic in library functions based on an introspection function that allows querying the size of a buffer. We demonstrate that introspection can be implemented in popular bug-finding and bug-mitigation tools such as LLVM's AddressSanitizer, SoftBound, and Intel-MPX-based bounds checking. We evaluated our approach in a case study of real-world bugs and show that for tools that explicitly track bounds data,…
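As an added illustration (not the paper's code), the continuation logic the abstract describes, in C: a `strcpy` replacement asks an introspection function for the destination's remaining size and truncates instead of overflowing. The allocation registry, `tracked_alloc` and `remaining_bytes` are hypothetical stand-ins for the bounds data AddressSanitizer or SoftBound would supply.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for the bounds data a tool like ASan or SoftBound tracks
 * (hypothetical; not the paper's or any tool's API). */
#define MAX_TRACKED 64
static struct { char *base; size_t size; } tracked[MAX_TRACKED];
static int n_tracked;

char *tracked_alloc(size_t size) {       /* hypothetical allocator wrapper */
    char *p = malloc(size);
    if (p && n_tracked < MAX_TRACKED) {
        tracked[n_tracked].base = p;
        tracked[n_tracked].size = size;
        n_tracked++;
    }
    return p;
}

/* Introspection: bytes from ptr to the end of its object, or -1 if the
 * object is unknown (e.g. a stack buffer the stand-in does not track). */
long remaining_bytes(const char *ptr) {
    for (int i = 0; i < n_tracked; i++) {
        const char *base = tracked[i].base;
        if (ptr >= base && ptr < base + tracked[i].size)
            return (long)(base + tracked[i].size - ptr);
    }
    return -1;
}

/* Context-aware strcpy: if src does not fit, copy what fits, keep the NUL
 * terminator and return how many characters were dropped (0 = no overflow),
 * so execution continues instead of aborting. */
size_t strcpy_oblivious(char *dst, const char *src) {
    size_t len = strlen(src);
    long room = remaining_bytes(dst);
    if (room < 0 || len + 1 <= (size_t)room) { /* unknown object or fits */
        memcpy(dst, src, len + 1);
        return 0;
    }
    size_t keep = (size_t)room - 1;          /* room >= 1 inside an object */
    memcpy(dst, src, keep);
    dst[keep] = '\0';
    return len - keep;
}
```

The return value lets a server log the truncation and keep serving; the untracked case falls back to plain `strcpy` semantics, which is the limitation the abstract notes for tools that do not track bounds explicitly.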
Taxonomy
Topics: Security and Verification in Computing · Radiation Effects in Electronics · Parallel Computing and Optimization Techniques
