[talks] C Schlesinger general exam

Melissa Lawson mml at CS.Princeton.EDU
Thu Apr 28 11:29:50 EDT 2011 

Cole Schlesinger will present his research seminar/general exam on Wednesday 
May 4 at 10AM in Room 402.   The members of his committee are:  David 
Walker (advisor), David August, and Andrew Appel.  Everyone is invited to attend 
his talk and those faculty wishing to remain for the oral exam following are 
welcome to do so. His abstract and reading list follow below.
---------------------------------

Abstract:

Modern applications contain libraries and components written by different
people at different times in different languages, often including unsafe
languages like C or C++. As a result, one bug, such as a buffer overflow, in
any component, can compromise the security and reliability of every other
component. To help mitigate these problems, we introduce Yarra, a 
conservative
extension to C with mechanisms for enforcing data integrity and partial 
safety,
even when code is linked against unknown C libraries or binaries. Yarra
programmers specify their data integrity requirements by declaring critical
data types and ascribing these critical types to important data structures.
Yarra guarantees that such critical data is only written through 
pointers with
the given static type. Any attempt to write to critical data through a 
pointer
with an invalid type (perhaps because of a buffer overrun) is detected
dynamically.

We formalize Yarra's semantics and prove the soundness of a program logic
designed for use with the language. A key contribution is to show that 
Yarra's
semantics are strong enough to support sound local reasoning and the use 
of a
frame rule, even across calls to unknown, unverified code. We evaluate a
prototype implementation of a compiler and runtime system for Yarra by 
using it
to harden four common server applications against known non-control data
vulnerabilities. We show that Yarra defends against these attacks with 
only a
negligible impact on their end-to-end performance.


Reading list:

Textbooks:

- Pierce, Benjamin. Types and Programming Languages.
- Winskel, Glynn. The Formal Semantics of Programming Langauges.
(Chapters 1 - 6).

Formal methods papers:

- S. Ishtiaq, P. O'Hearn. BI as an Assertion Language for Mutable Data
Structures. In POPL, 2001.
- P. O'Hearn, H. Yang, J. Reynolds. Separation and Information Hiding.
In POPL, 2004.
- S. K. Lahiri, S. Qadeer, D. Walker. Linear Maps. In PLPV, 2011.
- G. Tan. JNI Light: An Operational Model for the Core JNI. In APLAS, 2010.
- G. C. Necula, S. McPeak, and W. Weimer. CCured: Type-Safe Retrofitting of
Legacy Code. In POPL, 2002.

Systems papers:

- S. Chen, J. Xu, E. C. Sezer, P. Gauriar, and R. K. Iyer. Noncontrol-data
attacks are realistic threats. In Usenix Security (SSYM), 2005.
- R. W. M. Jones and P. H. J. Kelly. Backwards-compatible bounds checking
for arrays and pointers in C programs. In AADEBUG, 1997.
- S. Nagarakatte, J. Zhao, M. M. K. Martin, and S. Zdancewic. SoftBound:
Highly compatible and complete spatial memory safety for C. In PLDI,
2009.
- E. D. Berger, T. Yang, and G. Novark. Grace: Safe multithreaded
programming for C/C++. In OOPSLA, 2009.
- R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham. Efficient
software-based fault isolation. In SOSP, pages 203 - 216, 1993.

More information about the talks mailing list