{"id":45818,"date":"2024-11-18T17:12:08","date_gmt":"2024-11-18T22:12:08","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=45818"},"modified":"2024-11-18T17:12:08","modified_gmt":"2024-11-18T22:12:08","slug":"retrofitting-spatial-safety-to-hundreds-of-millions-of-lines-of-c","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2024\/11\/18\/retrofitting-spatial-safety-to-hundreds-of-millions-of-lines-of-c\/","title":{"rendered":"Retrofitting Spatial Safety to Hundreds of Millions of Lines of C++"},"content":{"rendered":"

Google Security<\/a>:<\/p>\n

Based on an analysis of in-the-wild exploits tracked by Google’s Project Zero<\/a>, spatial safety vulnerabilities represent 40% of in-the-wild memory safety exploits over the past decade[…]<\/p>

[…]<\/p>

A key element of our strategy focuses on Safe Coding<\/a> and using memory-safe languages in new code.<\/p>

[…]<\/p>

However, this transition will take multiple years as we adapt our development practices and infrastructure. Ensuring the safety of our billions of users therefore requires us to go further: we’re also retrofitting secure-by-design principles to our existing C++ codebase wherever possible.<\/p>

[…]<\/p>

Hardened libc++<\/a>, recently added by open source contributors, introduces a set of security checks designed to catch vulnerabilities such as out-of-bounds accesses in production. […] Hardening libc++ resulted in an average 0.30% performance impact across our services (yes, only a third of a percent).<\/p><\/blockquote>\n\n

Previously:<\/p>\n