Skip to main content
eScholarship
Open Access Publications from the University of California

UC San Diego

UC San Diego Electronic Theses and Dissertations bannerUC San Diego

Compilers and Software Security: Opportunities and Challenges

Abstract

Compilers are at the foundation of software security. On the one hand, compilers are an ideal place to secure software due to their knowledge of the programs under protection and their minimal requirements of developer efforts. We designed and implemented a highly efficient compiler-based Control-Flow Integrity (CFI) scheme for C++ virtual calls. The scheme introduces minimal performance and code bloat overhead even for programs that use virtual calls heavily, which make it more likely to be deployed to real-world programs that have strict requirements on performance and code size. On the other hand, compilers can also be detrimental to software security. We explored this direction by investigating the security implications of the dead store elimination (DSE), a common compiler optimization, and the existing strategies devised to prevent DSE from affecting the security of software. We found that none of the existing strategies are both guaranteed to work and universally available and many of them are flawed, which lead to the security vulnerabilities in some of the most popular security-related programs and libraries we surveyed.

Main Content
For improved accessibility of PDF content, download the file to your device.
Current View