Zhuohua Li, Jincheng Wang, Mingshen Sun, and John C.S. Lui
Proceedings of the 27th European Symposium on Research in Computer Security (ESORICS '22), September 2022.

Abstract.

Rust is a promising system-level programming language that can prevent memory corruption bugs using its strong type system and ownership-based memory management scheme. In practice, programmers usually write Rust code in conjunction with other languages such as C/C++ through the Foreign Function Interface (FFI). For example, many notable projects are developed using Rust and other programming languages, such as Firefox, Google Fuchsia OS, and the Linux kernel. Although it is widely believed that gradually re-implementing security-critical components in Rust is a way of enhancing software security, using FFI is inherently unsafe. In this paper, we show that memory management across the FFI boundaries is error-prone. Any incorrect use of FFI may corrupt Rust’s ownership system, leading to memory safety issues. To tackle this problem, we design and build FFIChecker, an automated static analysis and bug detection tool dedicated to memory management issues across the Rust/C FFI. We evaluate our tool by checking 987 Rust packages crawled from the official package registry and reveal 34 bugs in 12 packages. Our experiments show that FFIChecker is a useful tool to detect real-world cross-language memory management issues with a reasonable amount of computational resources.

BibTeX Record:

@inproceedings{li22ffichecker,
    author    = "Zhuohua Li and Jincheng Wang and Mingshen Sun and John C.S. Lui",
    title     = "{Detecting Cross-Language Memory Management Issues in Rust}",
    booktitle = "Proceedings of the 27th European Symposium on Research in Computer Security",
    series    = "ESORICS '22",
    year      = "2022",
}