Google is actively hardening its C++ code to eliminate vulnerabilities related to spatial memory safety. These vulnerabilities occur when code reads or writes data outside the bounds of the memory it was given, which attackers can exploit to compromise systems and steal data.
Google’s Project Zero reports that spatial vulnerabilities account for 40% of all exploits discovered “in the wild” over the past decade. To enhance the security of its products, Google is implementing safe programming practices and memory protections in new code. However, given the extensive volume of existing C++ code, the transition process is expected to take several years.
To address these issues, Google has started modifying its C++ code by adopting a hardened build of the libc++ library. This update adds bounds checks to standard containers and types such as std::vector and std::optional, so that out-of-bounds indexing and access to values that are not present are caught instead of silently reading or writing memory outside the object.
These checks were initially deployed in the Chrome browser in 2022 and have now been extended to Google’s server systems, including key services such as Search, Gmail, Maps, and YouTube. A few performance-critical components are temporarily excluded from the hardened build, but Google is actively working toward full coverage.
Despite concerns about potential performance impacts, the bounds checks have caused only a 0.3% slowdown across Google services. Thanks to compiler optimizations and profiling-driven tuning, this overhead is small enough that it has not noticeably affected the user experience.
The transition to the hardened libc++ proceeded in three stages: testing, adaptation, and gradual rollout to production systems. Over a thousand bugs were identified and fixed, leading to a 30% decrease in failures. The checks also helped stop internal attack simulations and made it faster to find long-standing bugs in older code.
Google’s future plans include extending the checks to other libraries and adopting Safe Buffers to further improve spatial safety. This will simplify interoperability with memory-safe languages and make automated code translation easier.
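The following C++ is an added illustration and is not code from Google, Chrome, or the libc++ project. It models the two ideas in this article: a container accessor that refuses out-of-bounds indices the way a hardened libc++ does inside operator[] (the real library traps rather than throwing; the throw here is an assumption made so the caller can observe the check), and a Safe-Buffers-style view type that carries its own length so a raw pointer plus a separate size can no longer drift apart. The record format and the `bounded_view` type are constructed for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

// A minimal pointer-plus-length view whose indexing is bounds checked.
// This stands in for what a hardened libc++ does in std::vector::operator[]
// and what a std::span-based Safe Buffers API gives you: the length travels
// with the pointer, and every access is compared against it.
template <typename T>
class bounded_view {
public:
    bounded_view(const T* data, std::size_t size) : data_(data), size_(size) {}

    std::size_t size() const { return size_; }

    // Hardened-style access: an index at or past size() is rejected instead
    // of reading whatever memory happens to follow the buffer.
    const T& operator[](std::size_t i) const {
        if (i >= size_) throw std::out_of_range("bounded_view: index >= size");
        return data_[i];
    }

    // Sub-ranges are checked against the parent view, so a caller-supplied
    // offset/count pair cannot escape the original allocation. The order of
    // the comparisons avoids overflow in offset + count.
    bounded_view subview(std::size_t offset, std::size_t count) const {
        if (offset > size_ || count > size_ - offset)
            throw std::out_of_range("bounded_view: subview out of bounds");
        return bounded_view(data_ + offset, count);
    }

private:
    const T* data_;
    std::size_t size_;
};

// Parse a constructed length-prefixed record: one length byte, then payload.
// The length byte is untrusted input. With a raw pointer and a separately
// tracked size, an over-long prefix would drive a read past the buffer; with
// the checked view, the lie is caught at subview() or at the first access.
std::vector<std::uint8_t> parse_record(bounded_view<std::uint8_t> buf) {
    if (buf.size() < 1) throw std::out_of_range("empty record");
    std::size_t len = buf[0];
    bounded_view<std::uint8_t> payload = buf.subview(1, len);
    std::vector<std::uint8_t> out;
    for (std::size_t i = 0; i < payload.size(); ++i) out.push_back(payload[i]);
    return out;
}

// Returns true when a prefix claiming more bytes than exist is rejected.
bool overlong_prefix_is_caught() {
    const std::uint8_t bad[] = {0x10, 0xAA, 0xBB};  // claims 16 bytes, has 2
    try {
        (void)parse_record(bounded_view<std::uint8_t>(bad, sizeof bad));
        return false;
    } catch (const std::out_of_range&) {
        return true;
    }
}

// Returns true when a well-formed record round-trips unchanged.
bool well_formed_record_parses() {
    const std::uint8_t good[] = {0x02, 0xAA, 0xBB};
    std::vector<std::uint8_t> p =
        parse_record(bounded_view<std::uint8_t>(good, sizeof good));
    return p.size() == 2 && p[0] == 0xAA && p[1] == 0xBB;
}

int main() {
    std::printf("overlong prefix caught: %s\n",
                overlong_prefix_is_caught() ? "yes" : "no");
    std::printf("well-formed record parsed: %s\n",
                well_formed_record_parses() ? "yes" : "no");
    return 0;
}
```

In a real hardened libc++ build the equivalent check lives inside the library itself and fires as a trap, so existing code picks it up simply by being compiled against the hardened configuration (libc++ exposes this through the `_LIBCPP_HARDENING_MODE` macro); the point of the model above is that the cost is one comparison per access, which is why the overhead reported in the article is so small, while the `bounded_view` parameter type shows the Safe Buffers direction of replacing pointer/length pairs with a single object that cannot be indexed past its end.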