Proceedings 2015 Network and Distributed System Security Symposium 2015
DOI: 10.14722/ndss.2015.23190
|View full text |Cite
|
Sign up to set email alerts
|

FreeSentry: Protecting Against Use-After-Free Vulnerabilities Due to Dangling Pointers

Abstract: Use-after-free vulnerabilities have become an important class of security problems due to the existence of mitigations that protect against other types of vulnerabilities. The effects of their exploitation can be just as devastating as exploiting a buffer overflow, potentially resulting in full code execution within the vulnerable program. Few protections exist against these types of vulnerabilities and they are particularly hard to discover through manual code inspection. In this paper we present FreeSentry: … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
2

Citation Types

0
104
0

Year Published

2017
2017
2024
2024

Publication Types

Select...
5
2
2

Relationship

0
9

Authors

Journals

citations
Cited by 85 publications
(104 citation statements)
references
References 28 publications
0
104
0
Order By: Relevance
“…References [9] and [11] detect dangling pointers by a static analysis of a binary program. Reference [12] inserts dynamic runtime checks for protecting against UAF vulnerabilities. This approach requires a source code.…”
Section: Related Workmentioning
confidence: 99%
“…References [9] and [11] detect dangling pointers by a static analysis of a binary program. Reference [12] inserts dynamic runtime checks for protecting against UAF vulnerabilities. This approach requires a source code.…”
Section: Related Workmentioning
confidence: 99%
“…DieHard(er) [Berger and Zorn 2006;Novark and Berger 2010] and Archipelago [Lvin et al 2008] randomize allocations to make the application less vulnerable to memory attacks. Several systems detect accesses to freed objects [Lee et al 2015;Nagarakatte et al 2010;Younan 2015], but do not provide full type safety.…”
Section: Related Workmentioning
confidence: 99%
“…In addition, a recent study shows that buffer overflows are the commonest vulnerability in the last quarter century [61]. Furthermore, spatial errors persist today, as demonstrated by a recently reported Heartbleed vulnerability in OpenSSL (CVE-2014-0160).…”
Section: Introductionmentioning
confidence: 96%