Chrome willing to take performance hit to prevent use-after-free bugs

The Chrome team is pursuing several approaches to make the browser's memory handling safer, and is prepared to pay for it in speed.

The Chrome security team has said it is willing to make the browser slightly slower if it means the tradeoff is a much more secure browser.

Pointing to its earlier finding that around 70% of Chrome's serious security bugs are memory safety problems, the team said in a blog post that it was looking at three approaches: compile-time checks, runtime checks, and using a memory-safe language.

Because Chrome is written in C++, the team said, compile-time checks were not an option, so it was looking at runtime-check solutions such as MiraclePtr.

"MiraclePtr prevents use-after-free bugs by quarantining memory that may still be referenced. On many mobile devices, memory is very precious and it's hard to spare some for a quarantine," the team said.

"Nevertheless, MiraclePtr stands a chance of eliminating over 50% of the use-after-free bugs in the browser process -- an enormous win for Chrome security, right now."
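To make the quarantine idea concrete, the following is an added toy model written for this article; it is not code from the Chrome post or from Chromium. Each allocation carries a header with a count of the live `BackupRefPtr<T>` smart pointers that point into it. When the owner frees a slot that is still referenced, the slot is poisoned and kept out of circulation instead of being handed back for reuse, and it is only really released when the last dangling pointer goes away. The header layout, the `0xEF` zap byte, the `toy` namespace and all function names are this example's own assumptions; the production scheme keeps its count in the allocator's slot metadata and relies on the poisoned memory rather than a check on every dereference, which this toy adds so the catch is observable.

```cpp
// Toy model of a reference-counted quarantine, in the spirit of MiraclePtr's
// BackupRefPtr. Not Chrome/PartitionAlloc code: layout, names and zap byte are assumed.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <new>
#include <stdexcept>

namespace toy {

struct SlotHeader {
  size_t size;         // user bytes that follow the header
  uint32_t ref_count;  // live BackupRefPtr<T> instances pointing into this slot
  bool freed;          // owner called Free(); slot stays quarantined while ref_count > 0
};

constexpr uint8_t kZapByte = 0xEF;  // assumed poison pattern for this toy

struct Stats { size_t quarantined = 0; size_t released = 0; };
inline Stats& stats() { static Stats s; return s; }

inline SlotHeader* HeaderOf(const void* p) {
  return reinterpret_cast<SlotHeader*>(
      const_cast<char*>(static_cast<const char*>(p)) - sizeof(SlotHeader));
}

inline void* Alloc(size_t n) {
  char* raw = static_cast<char*>(::operator new(sizeof(SlotHeader) + n));
  auto* h = reinterpret_cast<SlotHeader*>(raw);
  h->size = n; h->ref_count = 0; h->freed = false;
  return raw + sizeof(SlotHeader);
}

inline void ReleaseSlot(SlotHeader* h) {  // really hand the memory back
  ++stats().released;
  ::operator delete(h);
}

inline void Free(void* p) {
  SlotHeader* h = HeaderOf(p);
  h->freed = true;
  if (h->ref_count == 0) { ReleaseSlot(h); return; }
  // Still referenced: poison the contents and keep the slot out of circulation, so a
  // later use hits the zap pattern instead of an attacker-controlled replacement object.
  std::memset(p, kZapByte, h->size);
  ++stats().quarantined;
}

template <typename T>
class BackupRefPtr {
 public:
  BackupRefPtr() = default;
  BackupRefPtr(T* p) : ptr_(p) { Acquire(); }  // implicit on purpose: observer = raw;
  BackupRefPtr(const BackupRefPtr& o) : ptr_(o.ptr_) { Acquire(); }
  BackupRefPtr& operator=(const BackupRefPtr& o) {
    if (this != &o) { Drop(); ptr_ = o.ptr_; Acquire(); }
    return *this;
  }
  ~BackupRefPtr() { Drop(); }

  bool IsQuarantined() const { return ptr_ && HeaderOf(ptr_)->freed; }
  T* get() const {  // toy-only check; the real scheme leaves the zapped bytes to do this
    if (IsQuarantined()) throw std::logic_error("use-after-free: slot is quarantined");
    return ptr_;
  }
  T* operator->() const { return get(); }

 private:
  void Acquire() { if (ptr_) ++HeaderOf(ptr_)->ref_count; }
  void Drop() {
    if (!ptr_) return;
    SlotHeader* h = HeaderOf(ptr_);
    if (--h->ref_count == 0 && h->freed) ReleaseSlot(h);  // last dangling ref is gone
    ptr_ = nullptr;
  }
  T* ptr_ = nullptr;
};

struct Widget { uint32_t token; };

// Owner frees a Widget while an observer still holds a BackupRefPtr to it. Returns true
// if the dangling use was caught, the bytes were zapped, and the slot was quarantined
// until the observer let go rather than being reused.
inline bool DanglingRefIsCaught() {
  Stats before = stats();
  bool caught = false;
  {
    BackupRefPtr<Widget> observer;
    Widget* w = new (Alloc(sizeof(Widget))) Widget{0x41414141u};
    observer = w;  // ref_count becomes 1
    Free(w);       // freed, but quarantined because observer is still alive
    const uint8_t* bytes = reinterpret_cast<const uint8_t*>(w);
    bool zapped = bytes[0] == kZapByte && bytes[3] == kZapByte;
    try { (void)observer->token; } catch (const std::logic_error&) { caught = true; }
    caught = caught && zapped && observer.IsQuarantined();
  }  // observer destroyed: ref_count drops to 0 and the slot is finally released
  return caught && stats().quarantined == before.quarantined + 1 &&
         stats().released == before.released + 1;
}

// No BackupRefPtr outstanding: Free() returns the slot immediately, no quarantine cost.
inline bool UnreferencedFreeReleasesImmediately() {
  Stats before = stats();
  Widget* w = new (Alloc(sizeof(Widget))) Widget{1u};
  Free(w);
  return stats().quarantined == before.quarantined &&
         stats().released == before.released + 1;
}

}  // namespace toy
```

The second function is the point the Chrome team makes about mobile: quarantine only costs memory while a freed slot is still referenced, but on a device with little spare RAM even that transient cost, multiplied across a process, is what has to be weighed against the security win.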

At the same time, the team is continuing to look at how to integrate the Rust language, whose compile-time checks would not impose a runtime performance cost.

"There are open questions about whether we can make C++ and Rust work well enough together," the team said.

"Even if we started writing new large components in Rust tomorrow, we'd be unlikely to eliminate a significant proportion of security vulnerabilities for many years. And can we make the language boundary clean enough that we can write parts of existing components in Rust? We don't know yet."

The team said it is trying out some limited use of Rust, but none of it has yet made it into production builds of Chrome.

Created at Mozilla, Rust has been used in parts of Firefox since 2016, and Google's Android team has backed efforts to bring Rust into the Linux kernel.