Background and Relevant Art
Computer programs are ubiquitous and are used not just to direct the functionality of a conventional computer but also to control and enhance the functionality of myriad modern products and appliances. For instance, televisions, household appliances, automobiles, medical devices, and so forth, may incorporate computer programs to direct their functionality. Proper storing, reading, writing, and manipulation of data are inherent to the execution of computer programs. Executing software assumes that data it has written or stored is not corrupted or inadvertently altered before a subsequent read access; when that assumption fails, the software may fail to complete successfully, or may execute or complete while producing an erroneous or suspect result.
Current computer memory models treat all data in an address space as functionally equivalent, even though, in practice, some data may be far more important than others in the successful or correct execution of a particular computer program. Memory may be written and read, for instance, by entities such as application programs, by functions and subroutines within an application program, and by third-party libraries called by application programs. There is often little or no protection or verification that the data being written or read by any of these particular entities is correct or that it is being written to or read from the correct memory location. Because one entity may be relying on data that may or may not be overwritten or otherwise altered or corrupted by another entity, there is a danger that erroneous, inadvertently altered, or corrupted data may adversely affect the proper and correct execution of a computer program.
In type-safe programming languages like Pascal and Java, only an entity which knows what type of data it is accessing may read from or write to the data location. Although this may ensure that only the proper type of data is being written or read, it in no way guarantees that the values being written or read are safe. Furthermore, even type-safe languages cannot protect against corruption of pointers or handles to memory locations, or against corruption, such as through hardware errors, of the data within the memory locations themselves.
Computer programming languages such as C, C++, and others do not typically provide even the level of intrinsic guarantees about memory safety which are present in type-safe languages such as Java. Many applications are still written using these languages for performance and compatibility reasons and, as a result, memory errors continue to be common causes of both program failures and security vulnerabilities. In a typical C or C++ program, for example, it is possible for an erroneous pointer or memory read or write to cause the application to terminate abnormally (i.e., “crash”) or to produce incorrect output or results.
Beyond the corruption due to inadvertently erroneous reads and writes, hardware errors may also introduce errors into otherwise correctly executing software. Even an otherwise correctly written program calling only correctly written subroutines or libraries may suffer ill effects if a memory location itself is somehow corrupted or its value inadvertently changed.
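As an added illustration of the failure mode described in the two paragraphs above (example code, not part of the patent text): an unchecked, oversized write into a name field silently alters the critical value stored next to it, and a complement check word kept alongside that value lets the later read detect the alteration, whether it came from the erroneous write or from a hardware fault. The names `guarded_u32`, `record` and the check scheme itself are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A guarded value: the datum plus its bitwise complement, stored together
   so that a later read can verify nothing altered it in between. */
typedef struct {
    uint32_t value;
    uint32_t check;   /* ~value as of the last guarded store */
} guarded_u32;

/* A record in which a small name buffer sits directly before the
   critical value, a common layout in C programs. */
typedef struct {
    char        name[8];
    guarded_u32 limit;   /* a critical limit that must not drift */
} record;

static void guarded_store(guarded_u32 *g, uint32_t v) {
    g->value = v;
    g->check = ~v;
}

/* Returns 1 and sets *out if the value still matches its check word,
   0 if the location was altered between the store and this load. */
static int guarded_load(const guarded_u32 *g, uint32_t *out) {
    if ((g->value ^ g->check) != 0xFFFFFFFFu) return 0;
    *out = g->value;
    return 1;
}

/* Unchecked copy into the name field: trusts the caller's length. It is
   written through the record's own bytes (and capped at the record size)
   so the spill-over stays inside the object and the demo is well defined. */
static void set_name_unchecked(record *r, const char *src, size_t n) {
    if (n > sizeof *r) n = sizeof *r;
    memcpy((unsigned char *)r, src, n);   /* name is the first member */
}

/* Returns 1 if a clean store/load round-trip verifies correctly. */
int demo_clean_read(void) {
    guarded_u32 g; uint32_t v = 0;
    guarded_store(&g, 42);
    return guarded_load(&g, &v) && v == 42;
}

/* Returns 1 if the guard detects the corruption caused by writing
   12 bytes into the 8-byte name field (4 bytes land in limit.value). */
int demo_detects_corruption(void) {
    record r; uint32_t v = 0;
    memset(&r, 0, sizeof r);
    guarded_store(&r.limit, 1000);
    set_name_unchecked(&r, "ABCDEFGHIJKL", 12);   /* constructed input */
    return guarded_load(&r.limit, &v) == 0;
}
```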
Because data stored in computer memory is sometimes unreliable, while software inherently relies on all of its data being perfectly reliable, computer software continues to be plagued with problems of reliable execution and of producing reliable results.