Browse Prior Art Database

A method to detect and prevent memory overwrites across the memory chunks allocated within the process heap area.

IP.com Disclosure Number: IPCOM000196346D
Publication Date: 2010-May-31
Document File: 6 page(s) / 2M

Publishing Venue

The IP.com Prior Art Database

Abstract

Background: Any software product/program is vulnerable to memory corruptions. Effects of memory corruption range from simple program failures to downtime of business services affecting customer business. Memory overwrite (either by application running in the process or by any other software servicing the application within that process) are the most frequent root cause for memory corruptions. When a memory illegal operation or access of memory beyond process address space is attempted, the operating system will generate memory violation signal and terminates the process by default. This protects the operating system from the illegal operations attempted by the process. Memory overwrites beyond the allocated memory area but within the address space of the process can lead to i) application data corruption and/or ii) access to a memory area beyond process address space resulting in abnormal process termination. In the former case the operating system cannot detect/prevent such overwrite operations (FIG 1), unless special mechanisms to detect and prevent it are incorporated in the system. In a mission critical application where the data of various software components are stored in the process heap, it is quite important to prevent such memory overwrites among the data structures within the process heap to ensure data integrity. What is the problem solved by your invention: This invention proposes a solution for memory overwrite (FIG 1) prevention within the process heap. Known solutions to this problem: Currently there are tools/facilities which identify and avoid memory overwrites, but they are known to use heavy memory and impact performance and are not recommended for use in a real time customer scenario(for e.g.: environment variable like MALLOCDEBUG=catch_overflow on AIX platform). A publication on Memory OverFlow Management proposes a solution to manage memory overflow. It involves a memory overflow manger which consists of Overflow protector. Overflow protector can adapt one of two methods to prevent overflow. i) remapper. Remapper may copy the contents pages(being overwritten) to another location that is safe from corruption and modify the page table to associate the new location with logical addresses utilized by the corresponding tasks to access the pages. ii) Task re-prioritizer. It copies memory for the task that may get affected by memory overflow into heap backups to prevent corruption and pauses those tasks. Drawbacks of the Memory OverFlow Manager This proposition is mainly focused on applying correction to memory overwrites by allocating additional memory to the task that is overwriting the memory. Checksum monitoring mechanism proposed to detect memory overwrite many have certain latency time between when the memory was overwritten and when it was detected by checksum monitor. Remapper approach can lead to memory shortage and performance implication if there are more number of tasks overwriting the memory. The remapped memory area again could be overwritten by another task which may imply more complex method of management the memory areas and associated tasks. Task re-prioritizer can also have performance implications if there are frequent overwrites by different tasks.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 44% of the total text.

Page 1 of 6

A method to detect and prevent memory overwrites across the memory chunks

A method to detect and prevent memory overwrites across the memory chunksA method to detect and prevent memory overwrites across the memory chunks

allocated within the process heap area

allocated within the process heap areaallocated within the process heap area .

..

Description of the Solution:

The solution proposes that every n bytes of memory request (malloc) by application is served with n+1 bytes. The address of the (n+1)th byte is fed to address alias apparatus.

The address alias apparatus detects any memory overwrite operation attempting to write at (n+1)th address, before the start of actual write operation. When such an overwrite is detected the address alias apparatus maps/aliases destination write address to a read-only address (assume 0x00000000 is a read-only memory location). Write operation at destination address now will be an attempt to write at read-only memory location (0x00000000 ) which will be prevented by operating system. Ref FIG. 3.

For e.g. refer to the below program test.c

typedef struct ABC { int Id ;
char *IdDetails;
} Abc

_t;

typedef struct XYZ { int a;
short s;
char *ptr;
} Xyz

_t;

main() {

Abc

_t *ptr1;

Xyz

_t *ptr2;

ptr1 = (struct ABC *) malloc(sizeof(Abc

_t)) ;

ptr2 = (struct XYZ *) malloc(sizeof(Xyz

_t)) ;

    strcpy(ptr1, "10101110111001111110001101"); }

Assume following addresses are allocated to the pointers:

1

Page 2 of 6

Pointer variables Allocated area Size ptr1

0x 20000598 to 0x 2000059F

12

The solution proposes to allocate an additional byte/word for every malloc request.

Pointer variables Allocated area Size ptr1

0x 20000598 to 0x 200005A0

13

Here the last address 0x200005A0 (for ptr1) and 0x200005B4 (for ptr2) are fed to the address alias apparatus. Later at any point of time if the application attempts to write more than 8 bytes starting from address 0x 20000598, this is detected before hand by the address alias apparatus. The address alias apparatus now maps the destination address 0x 20000598 to a read-only address and allows the write operation to continue. Operating system will raise a memory fault when this line of code gets executed.

Applications can further leverage on this feature by registering signal handlers to catch memory illegal exceptions so as to prevent any abruptions of the services being provided by the applications. Information about memory illegal operation can also be dumped in-order to take corrective actions on the code causing memory overwrites.

Address alias generator apparatus.

Address alias generator apparatus consists of an lookup table called Memory Overwrite Protection table (MOP table) stored within application heap or in kernel memory space.

For an application which has enabled use of MOP feature, MOP table of specified size would be create at process creation time. Each memory allocation request for n bytes creates an entry in the MOP table. The entry mainly has two fields, affective addr...

Processing...
Loading...