

A team of CyLab researchers has designed a new tool that automatically checks for memory bugs (the types of bugs that can lead to buffer overflow exploits, a commonly deployed cyberattack).

In 1988, when the internet was still in its infancy, a piece of malware known as the Morris Worm infected nearly 10 percent of the internet over the course of two days, eventually causing between $100 thousand and $10 million in damages, according to the Government Accountability Office. The Morris Worm would eventually be known as the “Grand Daddy” of a specific cyberattack common even to this day: the buffer overflow.

Put simply, a typical buffer overflow occurs when a computer program receives a request to process more data than its physical memory is capable of handling all at once and places the excess into a “buffer.” The buffer itself has a finite capacity, so if the buffer can’t handle the excess, it “overflows,” or crashes. Imagine pouring three gallons of water into a two-gallon bucket: things get messy.

A team of researchers including CyLab’s Limin Jia, a professor of electrical and computer engineering, and Corina Pasareanu, principal systems scientist in CyLab, has been working to develop solutions to help mitigate the threat of buffer overflow attacks in the context of the Rust programming language. In a new study presented at last month’s Programming Language Design and Implementation (PLDI) conference, the team outlined a new tool that automatically checks Rust libraries for memory bugs, the types of bugs that can lead to buffer overflow exploits.

“The goal is to automatically find memory bugs that lead to security vulnerabilities in Rust libraries,” says Jia. “Manually checking for these bugs is inefficient and time-consuming.”
