Don’t Look UB: Exposing Sanitizer-Eliding Compiler Optimizations

Citations Over TimeTop 20% of 2023 papers

Abstract

Sanitizers are widely used compiler features that detect undefined behavior and resulting vulnerabilities by injecting runtime checks into programs. For better performance, sanitizers are often used in conjunction with optimization passes. But doing so combines two compiler features with conflicting objectives. While sanitizers want to expose undefined behavior, optimizers often exploit these same properties for performance. In this paper, we show that this clash can have serious consequences: optimizations can remove sanitizer failures, thereby hiding the presence of bugs or even introducing new ones. We present LookUB, a differential-testing based framework for finding optimizer transformations that elide sanitizer failures. We used our method to find 17 such sanitizer-eliding optimizations in Clang. Next, we used static analysis and fuzzing to search for bugs in open-source projects that were previously hidden due to sanitizer-eliding optimizations. This led us to discover 20 new bugs in Linux Containers, libmpeg2, NTFS-3G, and WINE. Finally, we present an effective mitigation strategy based on a customization of the Clang optimizer with an overhead increase of 4%.

Related Papers

• → SeededFuzz: Selecting and Generating Seeds for Directed Fuzzing(2016)21 cited
• → Research of Microservices Features in Information Systems Using Spring Boot(2020)5 cited
• → Building an EdTech Platform Using Microservices and Docker(2021)3 cited
• → A review on using an alcohol-based sanitizer as a prophylactic measure against microorganisms(2021)1 cited
• → Chemistry of hand sanitizer amid COVID-19: importance, formulation and adverse effects(2020)