Rudra
- 26 October 2021
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
Rust is a promising system programming language that guarantees memory safety at compile time. To support diverse requirements for system software such as accessing low-level hardware, Rust allows programmers to perform operations that are not protected by the Rust compiler with the unsafe keyword. However, Rust's safety guarantee relies on the soundness of all unsafe code in the program as well as the standard and external libraries, making it hard to reason about their correctness. In other words, a single bug in any unsafe code breaks the whole program's safety guarantee. In this paper, we introduce RUDRA, a program that analyzes and reports potential memory safety bugs in unsafe Rust. Since a bug in unsafe code threatens the foundation of Rust's safety guarantee, our primary focus is to scale our analysis to all the packages hosted in the Rust package registry. RUDRA can scan the entire registry (43k packages) in 6.5 hours and identified 264 previously unknown memory safety bugs, leading to 76 CVEs and 112 RustSec advisories being filed, which represent 51.6% of memory safety bugs reported to RustSec since 2016. The new bugs RUDRA found are non-trivial, subtle, and often made by Rust experts: two in the Rust standard library, one in the official futures library, and one in the Rust compiler. RUDRA is open-source, and part of its algorithm is integrated into the official Rust linter.
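The abstract's central point is that a safe-looking API whose unsafe block is unsound breaks the guarantee for every safe caller. The following constructed example (added here; it is not code from the paper, from RUDRA, or from any of the libraries it mentions) shows one subtle way this happens: a container is left in a stale state while a user-supplied callback runs, so a panic in ordinary safe code produces a double drop. The unsound version is paired with a sound one that uses a drop guard to repair the container on unwind; the `Tracked` type, the `DROPS` counter and the `demo_*` functions are illustrative scaffolding chosen for this example.

```rust
use std::panic::{self, AssertUnwindSafe};
use std::ptr;
use std::sync::atomic::{AtomicUsize, Ordering::SeqCst};

/// Global drop counter so the demos can prove each element is dropped exactly once.
static DROPS: AtomicUsize = AtomicUsize::new(0);

/// Constructed element type with an observable destructor.
#[derive(Debug)]
pub struct Tracked { pub id: u32 }
impl Drop for Tracked {
    fn drop(&mut self) { DROPS.fetch_add(1, SeqCst); }
}

/// UNSOUND (constructed): a safe fn wrapping unsafe code. `ptr::read` moves slot `i`
/// out, but the Vec still reports `len` live elements. If `f` panics, unwinding
/// drops the Vec and frees slot `i` a second time. Any safe caller that passes a
/// panicking closure triggers undefined behaviour without writing `unsafe` itself.
pub fn map_in_place_unsound<T, F: FnMut(T) -> T>(v: &mut Vec<T>, mut f: F) {
    let p = v.as_mut_ptr();
    for i in 0..v.len() {
        unsafe {
            let old = ptr::read(p.add(i));
            ptr::write(p.add(i), f(old)); // a panic inside f => double drop of slot i
        }
    }
}

/// SOUND: a drop guard repairs the Vec if `f` unwinds, so the moved-out slot is
/// never dropped twice and the untouched tail is neither leaked nor double-dropped.
pub fn map_in_place_sound<T, F: FnMut(T) -> T>(v: &mut Vec<T>, mut f: F) {
    struct Guard<'a, T> { v: &'a mut Vec<T>, done: usize }
    impl<T> Drop for Guard<'_, T> {
        fn drop(&mut self) {
            // Reached only on unwind: [0, done) hold results, slot `done` was moved
            // out, (done, len) hold untouched originals. Shift the tail down over the
            // dead slot and shrink len by one so every live element drops exactly once.
            let len = self.v.len();
            let p = self.v.as_mut_ptr();
            unsafe {
                ptr::copy(p.add(self.done + 1), p.add(self.done), len - self.done - 1);
                self.v.set_len(len - 1);
            }
        }
    }
    let len = v.len();
    let mut g = Guard { v, done: 0 };
    let p = g.v.as_mut_ptr();
    for i in 0..len {
        g.done = i;
        unsafe {
            let old = ptr::read(p.add(i));
            ptr::write(p.add(i), f(old)); // if this panics, Guard::drop runs
        }
    }
    std::mem::forget(g); // normal completion: nothing to repair
}

/// Happy path for the unsound version: the bug stays latent when `f` never panics.
/// Returns (ids after mapping, drops observed once the Vec is gone).
pub fn demo_unsound_happy_path() -> (Vec<u32>, usize) {
    let before = DROPS.load(SeqCst);
    let ids = {
        let mut v: Vec<Tracked> = (0..3).map(|id| Tracked { id }).collect();
        map_in_place_unsound(&mut v, |mut t| { t.id += 10; t });
        v.iter().map(|t| t.id).collect::<Vec<u32>>()
    };
    (ids, DROPS.load(SeqCst) - before)
}

/// Sound version with a callback that panics on id 1.
/// Returns (surviving ids, drops while the Vec is alive, drops after it is gone).
pub fn demo_sound_under_panic() -> (Vec<u32>, usize, usize) {
    let before = DROPS.load(SeqCst);
    let (ids, during) = {
        let mut v: Vec<Tracked> = (0..3).map(|id| Tracked { id }).collect();
        let r = panic::catch_unwind(AssertUnwindSafe(|| {
            map_in_place_sound(&mut v, |mut t| {
                if t.id == 1 { panic!("constructed panic inside user callback"); }
                t.id += 10;
                t
            })
        }));
        assert!(r.is_err(), "callback should have panicked");
        let ids: Vec<u32> = v.iter().map(|t| t.id).collect();
        (ids, DROPS.load(SeqCst) - before)
    }; // v dropped here: the two survivors are dropped exactly once
    (ids, during, DROPS.load(SeqCst) - before)
}

fn main() {
    println!("unsound, no panic: {:?}", demo_unsound_happy_path());
    println!("sound, panic at id 1: {:?}", demo_sound_under_panic());
}
```

The unsound demo is only run on the non-panicking path on purpose: exercising the double drop would be undefined behaviour, which is exactly why such bugs survive testing. The sound demo shows the invariant a reviewer should check in any unsafe block that calls back into caller-supplied code: at every point where the callback may unwind, the container's bookkeeping must describe the memory as it actually is.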
Funding Information
- DARPA (PA-20-02-07-FP-020)