This is a license agreement ("Agreement") between your company (if being installed and used at a company) or self (if being installed and used by an individual) (the user is called "Licensee" or "you" in this Agreement) and Carnegie Mellon University (called "Carnegie Mellon" or "Licensor" in this Agreement). All rights not specifically granted to you in this Agreement are reserved to Licensor. By Clicking the "I Agree" button below, you are agreeing to fully comply with the terms and conditions of this Agreement, without modification by you. If you do not agree with these terms and conditions as originally stated, your only recourse is to discontinue using this software. Unless explicitly stated otherwise, any new features that augment or enhance this software, shall be subject to the terms of this Agreement.
Copyright © 2012 Carnegie Mellon University. All Rights Reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
THIS SOFTWARE IS PROVIDED BY CARNEGIE MELLON UNIVERSITY 'AS IS' AND CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, AS TO ANY MATTER, AND ALL SUCH WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ARE EXPRESSLY DISCLAIMED. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND RELATING TO EXCLUSIVITY, INFORMATIONAL CONTENT, ERROR-FREE OPERATION, RESULTS TO BE OBTAINED FROM USE, FREEDOM FROM PATENT, TRADEMARK AND COPYRIGHT INFRINGEMENT AND/OR FREEDOM FROM THEFT OF TRADE SECRETS.
This is a research prototype for the purpose of preventing buffer overflows from succeeding in multithreaded code. It is based on the SoftBound spatial memory safety mechanism, as distributed with the SAFECode project.
This prototype augments SoftBound with the following features.
memcpy
.SOFTBOUNDCETS_ABORT_MODE
to abort
, continue
,
or quiet
respectively when running the compiled
program.Some minor corrections to SAFECode function declarations are also included, so that SAFECode and SoftBound results can be compared.
The following are not included.
The current version of SAFECode at the time of this release is built on LLVM 3.2. LLVM 3.4 and later are not capable of compiling LLVM 3.2, so it will be necessary to have GCC, or LLVM 3.3 or earlier, installed on the system to perform the compilation.
This prototype is intended for x86-64 Linux. It may run on Mac OS X, but Apple's default version of LLVM is later than 3.3.
First, download bofelim.tar. Then type the following commands into a terminal window (typically launched with Ctrl+Alt+T).
$ tar xf bofelim.tar $ svn co http://llvm.org/svn/llvm-project/llvm/branches/release_32 llvm $ cd llvm $ patch -p0 -i ../llvm.patch $ cd projects $ svn co http://llvm.org/svn/llvm-project/poolalloc/branches/release_32 poolalloc $ svn co http://llvm.org/svn/llvm-project/safecode/branches/release_32 safecode $ cd safecode $ patch -p0 -i ../../../llvm_projects_safecode.patch $ cd ../../..
The following commands will build the compiler.
The -j
options to parallelize make
are
optional, but are recommended because the compiler build is
slow.
$ mkdir llvm_build $ cd llvm_build $ ../llvm/configure --enable-optimized --prefix=<your preferred install location> $ make -j <number-of-cores> -k tools-only $ cd projects/poolalloc $ make -j <number-of-cores> -k $ cd ../safecode $ make -j <number-of-cores> -k $ cd ../../..
The following commands will install the compiler built above.
$ cd llvm_build $ make install $ cd projects/poolalloc $ make install $ cd ../safecode $ make install $ cd ../../..
Use the -fsoftbound
flag to insert SoftBound checks,
and use the -L
flag to specify the location of the
SoftBound runtime.
$ clang -g -O -fsoftbound foo.c -o foo -L<your preferred install location>/lib