SMOV: Array Bound-Check and access in a single instruction

Abstract

A Buffer Overflow (BOF) continues to be among the top open doors to worms and malware. Earlier in 2014, the security world was taken by surprise when researches unveiled a BOF in OpenSSL. Languages like C and C++, widely used for system development and for a large variety of applications, do not provide native Array-Bound Checks (ABC). A myriad of proposals endeavor memory protection for such languages by employing both software- and hardware-based solutions. Due to numerous reasons, none of them have yet reached the mainstream. In this work we propose a novel approach to achieve an array bound-check and a memory access (when allowed) within a single instruction. We discuss how it can be implemented on variable-length ISAs and provide a reference implementation. Our results indicate that our solution can run programs 1,79× faster than the software-based approach.