Publications related to Memory safety

Comprehensive Memory Safety Validation: An Alternative Approach to Memory Safety

Comprehensive memory safety validation identifies the memory objects whose accesses provably comply with all classes of memory safety, protecting them from memory errors elsewhere at low overhead. We assess the breadth and depth of comprehensive memory saf ...

Ieee Computer Soc2024

Safe Low-Level Code Without Overhead is Practical

George Candea, Solal Vincenzo Pirelli

Developers write low-level systems code in unsafe programming languages due to performance concerns. The lack of safety causes bugs and vulnerabilities that safe languages avoid. We argue that safety without run-time overhead is possible through type invar ...

IEEE COMPUTER SOC2023

Preventing Use-After-Free Attacks with Fast Forward Allocation

Sanidhya Kashyap, Jungwon Lim

Memory-unsafe languages are widely used to implement critical systems like kernels and browsers, leading to thousands of memory safety issues every year. A use-after-free bug is a temporal memory error where the program accidentally visits a freed memory l ...

USENIX ASSOC2021

Formal Verification of Rust with Stainless

Writing correct software is hard, yet in systems that have a high failure cost or are not easily upgraded like blockchains, bugs and security problems cannot be tolerated. Therefore, these systems are perfect use cases for formal verification, the task of ...

2021

Admissibility of Uncertain Injections in Quadratic Algebraic Systems

Jean-Yves Le Boudec, Cong Wang, Eleni Stai

We study the admissibility problem in multivariate algebraic systems, such as ac electrical networks, where the power injection is quadratic in the state. The goal of such systems is to ensure that the state stays in some security set (e.g., magnitudes of ...

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC2021

A Type-and-Effect System for Object Initialization

Martin Odersky, Fengyun Liu, Paolo Giosuè Giarrusso, Ondrej Lhoták

Every newly created object goes through several initialization states: starting from a state where all fields are uninitialized until all of them are assigned. Any operation on the object during its initialization process, which usually happens in the cons ...

2020

Safe Initialization of Objects

Martin Odersky, Fengyun Liu, Paolo Giosuè Giarrusso, Ondrej Lhoták

Every newly created object goes through several initialization states: starting from a state where all fields are uninitialized until all of them are assigned. Any operation on the object during its initialization process, which usually happens in the cons ...

2020

A Type-and-Effect System for Object Initialization

Martin Odersky, Fengyun Liu, Paolo Giosuè Giarrusso, Ondrej Lhoták

Every newly created object goes through several initialization states: starting from a state where all fields are uninitialized until all of them are assigned. Any operation on the object during its initialization process, which usually happens in the cons ...

ASSOC COMPUTING MACHINERY2020

Safe initialization of objects

Fengyun Liu

The inception of object-oriented programming introduces a category of bugs related to object construction: initialization errors. Every newly created object goes through several initialization states: starting from a state where all fields are uninitialize ...

EPFL2020

RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization

Mathias Josef Payer, Duo Xu

Analyzing the security of closed source binaries is currently impractical for end-users, or even developers who rely on third-party libraries. Such analysis relies on automatic vulnerability discovery techniques, most notably fuzzing with sanitizers enable ...

IEEE COMPUTER SOC2020

Memory safety

Comprehensive Memory Safety Validation: An Alternative Approach to Memory Safety

Safe Low-Level Code Without Overhead is Practical

Preventing Use-After-Free Attacks with Fast Forward Allocation

Formal Verification of Rust with Stainless

Admissibility of Uncertain Injections in Quadratic Algebraic Systems

A Type-and-Effect System for Object Initialization

Safe Initialization of Objects

A Type-and-Effect System for Object Initialization

Safe initialization of objects

RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization

Graph Chatbot

Chat with Graph Search

Comprehensive Memory Safety Validation: An Alternative Approach to Memory Safety

Formal Verification of Rust with Stainless

A Type-and-Effect System for Object Initialization

RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization

Safe Low-Level Code Without Overhead is Practical

Safe initialization of objects

Preventing Use-After-Free Attacks with Fast Forward Allocation

Admissibility of Uncertain Injections in Quadratic Algebraic Systems

A Type-and-Effect System for Object Initialization

Safe Initialization of Objects