Sleeping with the /*Enemy*/ Compiler: Software Vulnerabilities Caused by Optimizations

Presented at ekoparty 14 (2018), Sept. 28, 2018, 4:50 p.m. (30 minutes).

There are some techniques to avoid vulnerabilities, such as zeroing buffers placed in the stack before leaving functions; however, modern optimization techniques such as Death Store Elimination may lead the compiler think that the call is not necessary, thus removing it. In this talk I will present well known security-related software examples where compiler optimizations led to software vulnerabilities; I will also show a live toy example of exploiting a vulnerability caused by a compiler optimization; then I will show common workarounds such as OS-provided functions and other techniques; finally, I will introduce some compiler internals and invite people to contribute to mainstream compilers to avoid these situations with some ideas, such as enhanced diagnostics and code generation.


Presenters:

  • Daniel Gutson
    My life has been cursed with a painful succession of exotic compilers development, some of which I was not allowed to know what they were used for. Since compilers require combining both high level algorithms with low level knowledge of the target architecture, I had to mess with the full range. I contributed to the GNU toolchain (implementing hardware erratas, adding finite state machines to the assembler, fixing relentlessly the debugger) and to the C++ language committee. Since the mid 90s, I've been doing some embedded development and OS development, with a strong security focus in mind. Now I am a co-founder of a firmware security company where we have to apply many of these experiences. I enjoy encouraging and guiding other people to grow and get involved with the free software community, especially in terms of both security and compilers development.

Links:

Similar Presentations: