EarlyDLDetect: An Early Root-Cause Locator of Dangling Pointers and Memory Leaks
Memory error detection tools like Address Sanitizer (ASAN) can detect the existence of dangling pointers and memory leaks, but cannot report their root causes, i.e., where they occur in the source code. For this reason, even with vulnerability reports and proof-of-concepts (PoC) using ASAN, it is of...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2024-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10792904/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Memory error detection tools like Address Sanitizer (ASAN) can detect the existence of dangling pointers and memory leaks, but cannot report their root causes, i.e., where they occur in the source code. For this reason, even with vulnerability reports and proof-of-concepts (PoC) using ASAN, it is often not easy to fix them. To mitigate this problem, we propose a novel detection tool EarlyDLDetect, which early reports the root causes of dangling pointers and memory leaks. In the empirical evaluation using our EarlyDLDetect implementation, EarlyDLDetect early detected 14 real-world vulnerabilities and provided the location of their root causes with acceptable runtime/memory overheads for debugging purposes. Three bug-fixing patches that we created based on EarlyDLDetect’s detection are adopted by the original open-source projects. |
|---|---|
| ISSN: | 2169-3536 |