Foundations for a Rust-Like Borrow Checker for C
Memory safety issues in C are the origin of various vulnerabilities that can compromise a program’s correctness or safety from attacks. We propose a different approach to tackle memory safety, the replication of Rust’s Mid-level Intermediate Representation (MIR) Borrow Checker, through the usage of static analysis and successive source-to-source code transformations, to be composed upstream of the compiler, thus ensuring maximal compatibility with most build systems. This allows us to approximate a subset of C to Rust’s core concepts, applying the memory safety guarantees of the rustc compiler to C. In this work, we present a survey of Rust’s efforts towards ensuring memory safety, and describe the theoretical basis for a C borrow checker, alongside a proof-of-concept that was developed to demonstrate its potential. This prototype correctly identified violations of the ownership and aliasing rules, and accurately reported each error with a level of detail comparable to that of the rustc compiler.
Mon 24 JunDisplayed time zone: Windhoek change
16:00 - 17:40 | |||
16:00 15mTalk | EVMBT: A Binary Translation Scheme for Upgrading EVM Smart Contracts to WASM LCTES Weimin Chen The Hong Kong Polytechnic University, Xiapu Luo The Hong Kong Polytechnic University, Haoyu Wang Huazhong University of Science and Technology, Heming Cui University of Hong Kong, Shuyu Zheng Peking University, Xuanzhe Liu Peking University | ||
16:15 15mTalk | CodeExtract: Enhancing Binary Code Similarity Detection with Code Extraction Techniques LCTES Lichen Jia Institute of Computing Technology, Chinese Academy of Sciences, Chenggang Wu Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences; Zhongguancun Laboratory, Zhe Wang Institute of Computing Technology at Chinese Academy of Sciences; Zhongguancun Laboratory, Peihua Zhang | ||
16:30 15mTalk | Foundations for a Rust-Like Borrow Checker for C LCTES Tiago Silva University of Porto, João Bispo Faculdade de Engenharia e Universidade do Porto, Tiago Carvalho University of Porto | ||
16:45 15mTalk | Enhancing Code Vulnerability Detection via Vulnerability-Preserving Data Augmentation LCTES Shangqing Liu Nanyang Technological University, Wei Ma Nanyang Technological University, Singapore, Jian Wang Nanyang Technological University, Xiaofei Xie Singapore Management University, Ruitao Feng SMU, Yang Liu Nanyang Technological University | ||
17:00 15mTalk | (WIP) A Flexible-Granularity Task Graph Representation and its Generation from C Applications LCTES Tiago Santos Faculty of Engineering, University of Porto, João Bispo Faculdade de Engenharia e Universidade do Porto, João M. P. Cardoso University of Porto and INESC TEC, Portugal | ||
17:15 25mDay closing | Award and Closing LCTES | ||