Due to the absence of validity detection on pointers and automatic memory rubbish reclaim mechanisms in programming languages such as the C/C++language,software developed in these languages may have many memory safety...Due to the absence of validity detection on pointers and automatic memory rubbish reclaim mechanisms in programming languages such as the C/C++language,software developed in these languages may have many memory safety vulnerabilities,such as Use-After-Free(UAF)vulnerability.An UAF vulnerability occurs when a memory object has been freed,but it can still be accessed through a dangling pointer that points to the object before it is reclaimed.Since UAF vulnerabilities are frequently exploited by malware which may lead to memory data leakage or corruption,much research work has been carried out to detect UAF vulnerabilities.This paper investigates existing UAF detection methods.After comparing and categorizing these methods,an outlook on the future development of UAF detection methods is provided.This has an important reference value for subsequent research on UAF detection.展开更多
文摘Due to the absence of validity detection on pointers and automatic memory rubbish reclaim mechanisms in programming languages such as the C/C++language,software developed in these languages may have many memory safety vulnerabilities,such as Use-After-Free(UAF)vulnerability.An UAF vulnerability occurs when a memory object has been freed,but it can still be accessed through a dangling pointer that points to the object before it is reclaimed.Since UAF vulnerabilities are frequently exploited by malware which may lead to memory data leakage or corruption,much research work has been carried out to detect UAF vulnerabilities.This paper investigates existing UAF detection methods.After comparing and categorizing these methods,an outlook on the future development of UAF detection methods is provided.This has an important reference value for subsequent research on UAF detection.
