Litcius/Paper detail

MineSweeper: a “clean sweep” for drop-in use-after-free prevention

Márton Erdős, Sam Ainsworth, Timothy M. Jones

202213 citationsDOIOpen Access PDF

Abstract

Low-level languages, which require manual memory management from the programmer, remain in wide use for performance-critical applications. Memory-safety bugs are common, and now a major source of exploits. In particular, a use-after-free bug occurs when an object is erroneously deallocated, whilst pointers to it remain active in memory, and those (dangling) pointers are later used to access the object. An attacker can reallocate the memory area backing an erroneously freed object, then overwrite its contents, injecting carefully chosen data into the host program, thus altering its execution and achieving privilege escalation.

Topics & Concepts

Computer scienceProgrammerExploitMemory safetyMemory leakPrivilege (computing)Object (grammar)Operating systemMemory protectionMemory managementEmbedded systemProgramming languageVirtual memoryComputer securitySemiconductor memorySoftwareArtificial intelligenceSecurity and Verification in ComputingParallel Computing and Optimization TechniquesAdvanced Malware Detection Techniques