The Chromium project has observed that around 70% of serious security bugs in Google Chrome are memory safety problems. Roughly half of those memory safety bugs are use-after-free vulnerabilities, which arise from incorrect management of pointers to memory and expose Chrome's internal components to attack.
This conclusion was reached by analyzing 912 security bugs rated "high" or "critical" in severity that affected the stable Chrome channel since 2015.
This is not the first time memory safety has surfaced as a leading security concern in widely used software. In February 2019, Microsoft engineers reported that roughly 70% of the security issues Microsoft had patched over the preceding 12 years were memory safety vulnerabilities.
Why is memory safety still a huge problem?
Google and Microsoft face memory safety issues because their flagship software, such as Windows 10 and Chrome, is largely written in C and C++. Both languages are widely described as "unsafe languages" because they leave memory management entirely to the programmer, and programmers make mistakes.
Both languages were designed decades ago, when hostile input was not a primary design concern, so memory safety was never built into them.
C and C++ give developers full control over how memory and pointers (addresses) are managed. Neither the compiler nor the runtime enforces bounds or object lifetimes, so nothing stops a program from indexing past the end of a buffer, writing through a pointer that was never initialised, or dereferencing a pointer to memory that has already been freed.
The result is a family of memory corruption vulnerabilities in applications: buffer overflows, wild (uninitialised or dangling) pointers, use-after-free, double free and data races, among others.
Attackers exploit such bugs by feeding crafted input (a web page, a file, a network message) that corrupts memory in a way they control, turning the bug into code execution inside the browser, operating system or server the victim is running. The victim does nothing more than open the booby-trapped content.
Software engineering has advanced in other areas, with better tooling for finding flaws and mitigations that limit their impact once found. No comparable breakthrough has eliminated memory management vulnerabilities, which is why they still dominate the bug counts above.
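To make the use-after-free pattern concrete, here is an added example written for this article; it is not Chromium's or Microsoft's code. It uses a hypothetical fixed-size slab allocator, a hypothetical `session` record and a constructed attacker payload, and it shows the vulnerable flow (a pointer kept after `free`, then read after the slot has been recycled for untrusted data) next to a hardened flow that poisons the slot and invalidates the owner's handle:

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy fixed-size-slot allocator standing in for one heap size class.
 * Freed slots are recycled last-in-first-out, as real allocators do, which is
 * what makes a dangling pointer exploitable: the next allocation of the same
 * size lands on the memory the stale pointer still addresses. Because this
 * "heap" is our own array, every step below is defined behaviour. */
#define SLOT_SIZE 32
#define NSLOTS 4

static union { unsigned char bytes[NSLOTS * SLOT_SIZE]; long double align; } heap;
static int free_stack[NSLOTS];
static int free_top;

static void slab_reset(void) {
    memset(heap.bytes, 0, sizeof heap.bytes);
    free_top = 0;
    for (int i = NSLOTS - 1; i >= 0; i--) free_stack[free_top++] = i;
}

static void *slab_alloc(void) {
    if (free_top == 0) return NULL;
    return heap.bytes + free_stack[--free_top] * SLOT_SIZE;
}

static void slab_free(void *p) {
    int idx = (int)(((unsigned char *)p - heap.bytes) / SLOT_SIZE);
    free_stack[free_top++] = idx;   /* slot is recycled as-is: not cleared, not checked */
}

/* Hypothetical session record: a 24-byte user name followed by a privilege flag. */
struct session {
    char user[24];
    int  is_admin;
};

static int check_admin(const struct session *s) {
    return s->is_admin;
}

/* Models an attacker who gets to allocate an object of the same size class and
 * fill it with bytes of their choosing (the payload is constructed here). */
static void attacker_fills_recycled_slot(void) {
    unsigned char *slot = slab_alloc();
    int one = 1;
    memset(slot, 'A', sizeof(struct session));
    memcpy(slot + offsetof(struct session, is_admin), &one, sizeof one);
}

/* Vulnerable flow: logout frees the session but the caller keeps the pointer. */
int demo_use_after_free(void) {
    slab_reset();
    struct session *s = slab_alloc();
    memset(s, 0, sizeof *s);
    strcpy(s->user, "alice");
    s->is_admin = 0;

    slab_free(s);                   /* logout: memory released ... */
    attacker_fills_recycled_slot(); /* ... reused for untrusted data ... */
    return check_admin(s);          /* ... then read through the stale pointer: 1 */
}

/* Hardened flow: release poisons the slot and clears the owner's pointer, so a
 * later use fails closed instead of reading recycled memory. This helps only
 * because the session has a single owner; C will not tell you whether other
 * copies of the pointer exist, which is the lifetime problem described above. */
static void session_release(struct session **pp) {
    memset(*pp, 0, SLOT_SIZE);      /* poison before recycling */
    slab_free(*pp);
    *pp = NULL;                     /* invalidate the owner's handle */
}

static int check_admin_safe(const struct session *s) {
    if (s == NULL) return -1;       /* no live session: deny, do not guess */
    return s->is_admin;
}

int demo_hardened(void) {
    slab_reset();
    struct session *s = slab_alloc();
    memset(s, 0, sizeof *s);
    strcpy(s->user, "alice");

    session_release(&s);
    attacker_fills_recycled_slot();
    return check_admin_safe(s);     /* -1: stale handle rejected */
}

int main(void) {
    printf("vulnerable: check_admin() after free returns %d\n", demo_use_after_free());
    printf("hardened:   check_admin_safe() after free returns %d\n", demo_hardened());
    return 0;
}
```

Build and run it with any C compiler (for example `cc -Wall uaf_demo.c && ./a.out`, the file name being whatever you saved it as). The toy heap is used only so the outcome is deterministic and defined; against the real `malloc` the same stale read is undefined behaviour, and a tool such as AddressSanitizer would report it as a heap-use-after-free. The hardened variant is the narrow fix for one owner; it does not address aliases elsewhere, which is why the language-level problem remains.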
How does Google aim to address memory bugs in Chrome?
Google says the Chromium project's next major step is to prevent such bugs at the source rather than only mitigating them after the fact. New Chrome code will be held to "The Rule of 2."
The rule states that newly written Chrome code may satisfy at most two of the following three conditions:
- processes untrustworthy inputs
- runs without sandboxing
- is written in an unsafe programming language (like C/C++)