The Meaning of Memory Safety

05/20/2017
by Arthur Azevedo de Amorim et al.

We propose a rigorous characterization of what it means for a programming language to be memory safe, capturing the intuition that memory safety supports local reasoning about state. We formalize this principle in two different ways. First, we show how a small memory-safe imperative language validates a noninterference property: parts of the state that are not reachable from a given part of the program can neither affect nor be affected by its execution. Second, we show how to take advantage of memory safety to extend separation logic, a framework for reasoning about heap-manipulating programs, with a variant of its frame rule. Our new rule is stronger because it applies even when parts of the program are buggy or malicious, but also weaker because it requires a stricter form of separation between parts of the program state. We also consider a number of pragmatically motivated variations of memory safety and the reasoning principles they support. As an application of our characterization, we evaluate the security of a previously proposed dynamic monitor for memory safety of heap-allocated data.


Related research

research, 06/13/2023
Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust
Rust is a popular memory-safe systems programming language. In order to ...

research, 10/11/2021
Robust Safety for Move
A program that maintains key safety properties even when interacting wit...

research, 08/29/2022
MSWasm: Soundly Enforcing Memory-Safe Execution of Unsafe Code
Most programs compiled to WebAssembly (Wasm) today are written in unsafe...

research, 05/02/2022
Rusty Links in Local Chains
Rust successfully applies ownership types to control memory allocation. ...

research, 05/02/2021
Security Properties for Stack Safety
What exactly does "stack safety" mean? The phrase is associated with a v...

research, 10/21/2019
Memory Safety Preservation for WebAssembly
WebAssembly (Wasm) is a next-generation portable compilation target for ...

research, 01/31/2022
A Formal Model of Checked C
We present a formal model of Checked C, a dialect of C that aims to enfo...
