Light-weight Bounds Checker (LBC)
See our CGO 2012 paper for an overview of this approach.
LBC is a system for detecting out-of-bounds
accesses. It consists of a runtime library and a source-to-source
transformer for C programs. Programs transformed by LBC can be
compiled using any existing compiler such as gcc. In addition, LBC
is designed to work with existing Makefiles, without requiring changes to them.
LBC was designed with the following goals:
- Provide 100% compatibility with existing C-code.
- Incur low runtime overheads.
It achieves the first goal by avoiding checks on pointer arithmetic, and
by only checking pointer dereferences. Thus, it is compatible with
programs that perform arbitrary manipulations of pointers, including
conversions between pointers and integers. The downside of permitting
such arbitrary pointer manipulations is that it becomes difficult to
detect non-contiguous buffer overflows, i.e., situations where
a large offset is added to a pointer that causes it to "jump over" the
next few objects.
It achieves the second goal using well-designed data structures and algorithms.
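The trade-off of checking only dereferences, as an added example that is not LBC's code: a toy model in which each object is followed by a guard zone and stores are checked against a shadow map. The guard-zone mechanism, `GUARD_SIZE`, `model_alloc` and `checked_store` are assumptions made for illustration; this page does not describe LBC's internal data structures.

```c
#include <stdio.h>
#include <string.h>

#define ARENA_SIZE 256
#define GUARD_SIZE 8                        /* constructed value, not LBC's */

static unsigned char arena[ARENA_SIZE];     /* modelled program memory */
static unsigned char is_guard[ARENA_SIZE];  /* shadow map: 1 = guard byte */
static size_t next_free;

/* Place an object in the arena with a guard zone after it (and one before
 * the first object). Returns the object's offset, or (size_t)-1 if full. */
size_t model_alloc(size_t size) {
    if (next_free == 0) {
        memset(is_guard, 1, GUARD_SIZE);
        next_free = GUARD_SIZE;
    }
    if (next_free + GUARD_SIZE > ARENA_SIZE ||
        size > ARENA_SIZE - next_free - GUARD_SIZE)
        return (size_t)-1;
    size_t obj = next_free;
    memset(is_guard + obj + size, 1, GUARD_SIZE);
    next_free = obj + size + GUARD_SIZE;
    return obj;
}

/* The only check: run at dereference time. Offsets are plain integers, so
 * the arithmetic that produced `addr` is never inspected.
 * Returns 1 if the store was allowed, 0 if a violation was reported. */
int checked_store(size_t addr, unsigned char value) {
    if (addr >= ARENA_SIZE || is_guard[addr])
        return 0;
    arena[addr] = value;
    return 1;
}

int main(void) {
    size_t a = model_alloc(16), b = model_alloc(16);
    printf("a[15] in bounds           -> %d\n", checked_store(a + 15, 'x'));
    printf("a[16] contiguous overflow -> %d\n", checked_store(a + 16, 'x'));
    /* Offset 16 + GUARD_SIZE jumps over the guard zone and lands in b[0]. */
    printf("a[24] jumps the guard     -> %d\n", checked_store(a + 16 + GUARD_SIZE, 'x'));
    printf("b[0] was overwritten      -> %d\n", arena[b] == 'x');
    return 0;
}
```

In this model, larger guard zones narrow the gap at the cost of memory, but cannot close it for arbitrary offsets.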
LBC is implemented in Objective Caml (http://caml.inria.fr) and uses CIL (http://manju.cs.berkeley.edu/cil/) as the front-end to manipulate C constructs.
LBC is alpha software. It is provided for research and evaluation purposes only.
Shipped under GPL: lbc.tar.gz.
The README file included in the distribution is also available here.
This work was supported in part by an NSF grant CNS-0831298,
an AFOSR grant FA9550-09-1-0539, and an ONR grant