Feb. 7, 2024, 5:10 a.m. | Ruizhe Wang Meng Xu N. Asokan

cs.CR updates on arXiv.org arxiv.org

Use-after-free (UAF) is a critical and prevalent problem in memory unsafe languages. While many solutions have been proposed, they seem to balance security, run-time cost, and memory overhead (an impossible trinity) in awkward ways. In this paper, we show that a balance can be achieved by passing more semantics about the heap object to the allocator for it to make informed allocation decisions. More specifically, we propose a new notion of thread-, context-, and flow-sensitive "type", SemaType, to capture the …

balance can cost critical cs.cr free languages memory object prevalent problem run security solutions uaf use-after-free

Deputy Chief Information Security Officer

@ United States Holocaust Memorial Museum | Washington, DC

Humbly Confident Security Lead

@ YNAB | Remote

Information Technology Specialist II: Information Security Engineer

@ WBCP, Inc. | Pasadena, CA.

Senior Cloud Security Engineer

@ Cofense | Remote, United States

Cyber Hygiene GCP Cloud Junior Engineer

@ Deutsche Bank | Bucharest

Engineer - Software - Cyber

@ Valeo | BANGALORE - BAN1