 |
| Google wants to fix Chrome memory management errors |
After analyzing 912 security bugs fixed in Chrome since 2015, Google engineers found that about 70% of the serious security errors in the Chrome code base were memory management errors, and they added half of that "thanks to management" between them. The low memory tag (address book) is incorrect, which could lead to an attack on Chrome's internal components.
This number corresponds to the statistics Microsoft participated in. Microsoft engineers said at a security conference in February 2019: Microsoft product security updates in the past 12 years have identified nearly 70% of memory management vulnerabilities.
Endless memory management problems:
Google and Microsoft mainly deal with the same issue, which means that C ++ is not safe and outdated software tools that were developed decades ago when the development of security and cyberattacks was not a threat model.
Therefore, (C ++) gives programmers full control over handling application memory tags (addresses), and there are no restrictions or warnings in this programming language that may prevent developers from making errors in memory management.
Software errors lead to weaknesses in memory management in applications, and attackers try to find and exploit these vulnerabilities. In this way, they can integrate the code into the device's memory and execute the code from the victim's application (browser, server, or operating system).
In recent years, developers have tried to remove most of the security holes and add the necessary security protection by developing software engineering. However, this has nothing to do with the administrative flaws. memory.
Google hopes to fix Chrome memory errors:
According to Google, 125 of 130 bugs fixed in Chrome since March 2019 have a serious rating and are associated with memory management issues, indicating that management is making progress despite progress in fixing other categories of bugs. Memory is still the main issue for the company, so Google believes that Chrome engineers should follow Rule 2 now.
According to this rule, your code must not exceed more than two of the following when designing new features for Chrome:
- The code handles untrustworthy entries.
- This code works without sandbox mode.
- The symbol is written in Serious Symbol Language (C ++).
This is largely due to Mozilla's early efforts, but Mozilla is not the only organization that eliminates error-prone (C ++) code because Microsoft has invested heavily in researching C ++ alternatives for the Rust experience. And build a safe programming language (rust).
Google announced a similar plan this week. The company also plans to fix Chrome memory management bug, which is used by almost 70% of internet users.
Google engineers have always supported Chrome's sandboxing method by isolating dozens of sandboxing operations, and recently implementing site isolation. However, Google engineers say this method has maximized performance benefits. New methods must be found.
Google has said it intends to consider developing custom libraries (C ++). To work with the Chrome code base, the search giant also examined a project (MiraclePtr) aimed at converting errors resulting from memory pointer error handling into non-security errors acceptable results. Performance and has little impact on stability.
Google also plans to use safe languages for exploration as possible, including (Rust), (Swift), (JavaScript), (Kotlin), and (Java).