CFIghter: Automated Control-Flow Integrity Enablement and Evaluation for Legacy C/C++ Systems

TL;DR

CFIghter is an automated system that enables strict, type-based control-flow integrity in large C/C++ projects by automatically repairing violations, making deployment of CFI practical for complex, real-world software.

Contribution

It introduces CFIghter, the first fully automated tool that detects, classifies, and repairs CFI violations in large C/C++ codebases without manual source modifications.

Findings

Resolves all build errors related to visibility issues.

Automatically repairs 95.8% of CFI violations in large codebases.

Maintains strict CFI enforcement at over 89% of indirect control-flow sites.

Abstract

Compiler-based Control-Flow Integrity (CFI) offers strong forward-edge protection but remains challenging to deploy in large C/C++ software due to visibility mismatches, type inconsistencies, and unintended behavioral failures. We present CFIghter, the first fully automated system that enables strict, type-based CFI in real-world projects by detecting, classifying, and repairing unintended policy violations exposed by the test suite. CFIghter integrates whole-program analysis with guided runtime monitoring and iteratively applies the minimal necessary adjustments to CFI enforcement only where required, stopping once all tests pass or remaining failures are deemed unresolvable. We evaluate CFIghter on four GNU projects. It resolves all visibility-related build errors and automatically repairs 95.8% of unintended CFI violations in the large, multi-library util-linux codebase, while retaining strict enforcement at over 89% of indirect control-flow sites. Across all subjects, CFIghter preserves strict type-based CFI for the majority of the codebase without requiring manual source-code changes, relying only on automatically generated visibility adjustments and localized enforcement scopes where necessary. These results show that automated compatibility repair makes strict compiler CFI practically deployable in mature, modular C software.