DMTI: Accelerating Memory Error Detection in Precompiled C/C++ Binaries with ARM Memory Tagging Extension

Memory safety bugs in C/C++ persist as significant security issues despite extensive research and attempted mitigations. Current detection frameworks use complex runtime metadata structures which greatly impact the overall performance by increasing execution runtime and memory consumption. This work introduces Dynamic Memory Tagging Instrumentation (DMTI), utilizing the ARM Memory Tagging Extension (MTE) to efficiently detect memory errors in precompiled binaries with no check instrumentation during runtime. Our method, implemented through the Ghidra and DynamoRIO frameworks uses a two-step approach to improve both effectiveness and efficiency. In an analysis step, an object layout for each function inside a binary is generated. Then, during runtime, dynamic instrumentation is used to enable MTE and insert instructions to manage the necessary object metadata, which allows automatic detection of memory violations. Compared to previous approaches, the removal of the check logic leads to substantial performance gains, which we demonstrate in our prototype evaluation. DMTI exhibits superior efficiency with an average runtime overhead of only 2× compared to 10× for state-of-the-art memory checking frameworks.