Explore a comprehensive analysis of security vulnerabilities in JavaScript bindings during this 18-minute IEEE conference talk. Delve into the challenges of implementing runtime functions in C++ for JavaScript environments like Node.js and Chrome. Discover various types of exploitable errors in binding code, and learn about newly developed static checkers for detecting these flaws. Examine a suite of 81 proof-of-concept exploits crafted to demonstrate the severity of binding layer security issues. Gain insights into a backwards-compatible, low-overhead API designed to prevent such vulnerabilities. Understand the impact of binding bugs through real-world examples, including awarded bug bounties. Analyze specific cases like buffer overflows and use-after-free bugs in popular runtime systems. Acquire knowledge on implementing safer JavaScript engine APIs to mitigate these security risks.
Overview
Syllabus
Intro
Binding code: extending the JavaScript environment
Write a string to a file from JavaScript
Chrome browser runtime system
Binding errors can lead to violations of JavaScript's
We focus on finding and preventing binding bugs in four JavaScript runtime systems
Static analysis tools to find bugs in binding code
What do binding bugs look like?
Buffer fill in context
Checker for memory errors in Node.js
A use-after-free bug in PDFium
Checker results
Preventing bugs with a safer JavaScript engine API
Wrap up
Taught by
IEEE Symposium on Security and Privacy
