Light-weight Bounds Checker (LBC)

See our CGO 2012 paper for an overview of this approach.

---

Introduction

LBC is system for detecting out-of-bounds accesses. It consists of a runtime library and a source-to-source transformer for C-programs. Programs transformed by LBC can be compiled using any existing compiler such as gcc. In addition, LBC is designed to work with existing Makefiles, without needing to make changes.

LBC was designed with the following goals:

• Provide 100% compatibility with existing C-code.
• Incur low runtime overheads

It achieves the first goal by avoiding checks on pointer arithmetic, and by only checking pointer dereferences. Thus, it is compatible with programs that perform arbitrary manipulations of pointers, including conversions between pointers and integers. The downside of permitting such arbitrary pointer manipulations is that it becomes difficult to detect non-contiguous buffer overflows, i.e., situations where a large offset is added to a pointer that causes it to "jump over" the next few objects.

It achieves the second objective using well-designed data structures and algorithms.

LBC is implemented in Objective Caml (http://caml.inria.fr) and uses CIL (http://manju.cs.berkeley.edu/cil/) as the front-end to manipulate C constructs.

Status

LBC is alpha software. It is provided only for the research and evaluation purpose.

Download

Shipped under GPL: lbc.tar.gz. The README file included in the distribution is also available here

Acknowledgments

This work was supported in part by an NSF grant CNS- 0831298, an AFOSR grant FA9550-09-1-0539, and an ONR grant N000140710928.