Progress on Bounds Checking in C and the Linux Kernel

Explore the advancements in bounds checking for C and the Linux kernel in this 46-minute conference talk. Delve into the challenges of heap buffer overflow flaws in C code and the compiler's limitations in preventing them. Learn about the history of the "flex array member" (FAM) in C language specifications and the introduction of -fstrict-flex-arrays for unambiguous array size declarations. Discover how the Linux kernel builds upon these improvements by transforming arrays, implementing __builtin_dynamic_object_size(), enhancing defenses like FORTIFY_SOURCE, and expanding compiler knowledge for improved sanitizers. Explore the potential of a new struct member attribute to extend object size tracking to all array types, aiming to eliminate persistent buffer overflow vulnerabilities in Linux.

Progress On Bounds Checking in C and the Linux Kernel - Kees Cook, Google & Gustavo A.R. Silva