LightDE: A Lightweight Method for Eliminating Dangling Pointers

TL;DR

LightDE is a lightweight static analysis-based method that eliminates dangling pointers to prevent UAF vulnerabilities without runtime overhead, improving software security efficiently.

Contribution

LightDE introduces a novel static pointer analysis approach that eliminates the need for runtime pointer tracking, making UAF defense more lightweight and practical.

Findings

Effectively defends against UAF vulnerabilities

Introduces minimal performance overhead

Uses static analysis during compilation

Abstract

The widespread presence of Use-After-Free (UAF) vulnerabilities poses a serious threat to software security, with dangling pointers being considered the primary cause of these vulnerabilities. However, existing methods for defending against UAF vulnerabilities by eliminating dangling pointers need to interrupt the program's execution when encountering pointer assignment operations in order to store the memory addresses of the pointers in a specific data structure. This makes these methods not lightweight. To overcome this drawback, we propose a novel approach called LightDE. This method does not require storing the memory addresses of pointers during program execution. LightDE uses our proposed structure-sensitive pointer analysis method to determine which objects pointers point to and stores the pointing relationships in the program's data segment during program compilation. Since LightDE only needs to verify if pointers identified by the pointer analysis point to released objects when eliminating dangling pointers, it is very lightweight. Our experimental results show that LightDE can effectively defend against UAF vulnerabilities and the performance overhead it introduces is very low.