CETS: compiler enforced temporal safety for C
Temporal memory safety errors, such as dangling pointer dereferences and double frees,
are a prevalent source of software bugs in unmanaged languages such as C. Existing …
are a prevalent source of software bugs in unmanaged languages such as C. Existing …
SoK: Sanitizing for security
The C and C++ programming languages are notoriously insecure yet remain indispensable.
Developers therefore resort to a multi-pronged approach to find security issues before …
Developers therefore resort to a multi-pronged approach to find security issues before …
[PDF][PDF] Preventing Use-after-free with Dangling Pointers Nullification.
Many system components and network applications are written in languages that are prone
to memory corruption vulnerabilities. There have been countless cases where simple …
to memory corruption vulnerabilities. There have been countless cases where simple …
Preventing memory error exploits with WIT
Attacks often exploit memory errors to gain control over the execution of vulnerable
programs. These attacks remain a serious problem despite previous research on techniques …
programs. These attacks remain a serious problem despite previous research on techniques …
Runtime countermeasures for code injection attacks against C and C++ programs
Y Younan, W Joosen, F Piessens - ACM Computing Surveys (CSUR), 2012 - dl.acm.org
The lack of memory safety in C/C++ often leads to vulnerabilities. Code injection attacks
exploit these vulnerabilities to gain control over the execution flow of applications. These …
exploit these vulnerabilities to gain control over the execution flow of applications. These …
Hardbound: Architectural support for spatial safety of the C programming language
The C programming language is at least as well known for its absence of spatial memory
safety guarantees (ie, lack of bounds checking) as it is for its high performance. C's …
safety guarantees (ie, lack of bounds checking) as it is for its high performance. C's …
Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities
Use-after-free vulnerabilities are rapidly growing in popularity, especially for exploiting web
browsers. Use-after-free (and double-free) vulnerabilities are caused by a program …
browsers. Use-after-free (and double-free) vulnerabilities are caused by a program …
Backwards-compatible array bounds checking for C with very low overhead
D Dhurjati, V Adve - Proceedings of the 28th international conference on …, 2006 - dl.acm.org
The problem of enforcing correct usage of array and pointer references in C and C++
programs remains unsolved. The approach proposed by Jones and Kelly (extended by …
programs remains unsolved. The approach proposed by Jones and Kelly (extended by …
[PDF][PDF] FreeSentry: protecting against use-after-free vulnerabilities due to dangling pointers.
Y Younan - NDSS, 2015 - fort-knox.org
Use-after-free vulnerabilities have become an important class of security problems due to
the existence of mitigations that protect against other types of vulnerabilities. The effects of …
the existence of mitigations that protect against other types of vulnerabilities. The effects of …
Cornucopia: Temporal safety for CHERI heaps
NW Filardo, BF Gutstein, J Woodruff… - … IEEE Symposium on …, 2020 - ieeexplore.ieee.org
Use-after-free violations of temporal memory safety continue to plague software systems,
underpinning many high-impact exploits. The CHERI capability system shows great promise …
underpinning many high-impact exploits. The CHERI capability system shows great promise …