
SafeLLVM: LLVM Without The ROP Gadgets!

by Federico Cassano, et al.

Memory safety is a cornerstone of secure and robust software systems, as it prevents a wide range of vulnerabilities and exploitation techniques. Among these, we focus on Return-Oriented Programming (ROP). ROP works as follows: the attacker takes control of the program's execution flow via a memory corruption attack, then takes advantage of code snippets already in the program's memory, dubbed "gadgets," to achieve the attacker's desired effect. In this paper, we introduce SafeLLVM, an approach to minimize the number of gadgets in x86-64 binaries compiled with the LLVM infrastructure. Building upon the techniques outlined in previous works, we implement a series of passes within the LLVM compiler's backend to minimize the number of gadgets present and thus prevent ROP attacks. We evaluated our approach by compiling a number of real-world applications, including cJSON, zlib, curl, and mimalloc. The results show our solution is able to prevent any form of ROP on the binaries compiled with SafeLLVM while maintaining the same functionality as the original binaries.

