Sciweavers

NDSS
2015
IEEE

Preventing Use-after-free with Dangling Pointers Nullification

8 years 8 months ago
Preventing Use-after-free with Dangling Pointers Nullification
—Many system components and network applications are written in languages that are prone to memory corruption vulnerabilities. There have been countless cases where simple mistakes by developers resulted in memory corruption vulnerabilities and consequently security exploits. While there have been tremendous research efforts to mitigate these vulnerabilities, useafter-free still remains one of the most critical and popular attack vectors because existing proposals have not adequately addressed the challenging program analysis and runtime performance issues. In this paper we present DANGNULL, a system that detects temporal memory safety violations—in particular, use-after-free and double-free—during runtime. DANGNULL relies on the key observation that the root cause of these violations is that pointers are not nullified after the target object is freed. Based on this observation, DANGNULL automatically traces the object’s relationships via pointers and automatically nullifies al...
Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tiel
Added 15 Apr 2016
Updated 15 Apr 2016
Type Journal
Year 2015
Where NDSS
Authors Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, Wenke Lee
Comments (0)