CISPA
Browse
- No file added yet -

TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation

Download (784.87 kB)
conference contribution
posted on 2023-11-29, 18:22 authored by Markus Bauer, Ilya Grishchenko, Christian RossowChristian Rossow
Maliciously-overwritten function pointers in C programs often lead to arbitrary code execution. In principle, forward CFI schemes mitigate this problem by restricting indirect function calls to valid call targets only. However, existing forward CFI schemes either depend on specific hardware capabilities, or are too permissive (weakening security guarantees) or too strict (breaking compatibility). We present TyPro, a Clang-based forward CFI scheme based on type propagation. TyPro uses static analysis to follow function pointer types through C programs, and can determine the possible target functions for indirect calls at compile time with high precision. TyPro does not underestimate possible targets and does not break real-world programs, including those relying on dynamically-loaded code. TyPro has no runtime overhead on average and does not depend on architecture or special hardware features.

History

Preferred Citation

Markus Bauer, Ilya Grishchenko and Christian Rossow. TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation. In: Annual Computer Security Applications Conference (ACSAC). 2022.

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

Annual Computer Security Applications Conference (ACSAC)

Legacy Posted Date

2022-09-08

Open Access Type

  • Unknown

BibTeX

@inproceedings{cispa_all_3768, title = "TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation", author = "Bauer, Markus and Grishchenko, Ilya and Rossow, Christian", booktitle="{Annual Computer Security Applications Conference (ACSAC)}", year="2022", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC