Paper notes: Undangle

Title: Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities
PDF: 881dc45d33c7bfea662a0889918999e4.pdf

Undangle uses TEMU to produce an execution/allocation log, which is then parsed offline. For each freed heap object, the pointers to it are labeled as dangling; taint-propagation-like techniques are used to track the pointers.
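
The offline pass described above, as an added example (not code from the paper or from this post): a simplified analyzer that walks a constructed trace, labels every location holding a pointer into a freed object as dangling, and carries that label along when the pointer is copied. The trace format, `SAMPLE_TRACE` and `analyze` are assumptions made for illustration, not TEMU's log format.

```python
# Constructed trace format (an assumption, not TEMU's actual log format):
#   alloc <base> <size> | free <base> | store <loc> <value> | copy <dst> <src> | deref <loc>
SAMPLE_TRACE = """\
alloc 0x1000 32
store rax 0x1000
store 0x7ffc10 0x1008
copy rbx rax
alloc 0x2000 16
store rcx 0x2000
free 0x1000
deref rbx
store rax 0x0
free 0x1000
"""

def analyze(trace):
    live = {}      # base address -> size of each live heap object
    freed = set()  # bases that were freed and not yet reallocated
    ptrs = {}      # location (register or address) -> [object base, is_dangling]
    findings = []  # (trace line number, kind, location or base)
    for n, line in enumerate(trace.splitlines(), 1):
        op, *args = line.split()
        if op == "alloc":
            base, size = int(args[0], 16), int(args[1])
            live[base] = size
            freed.discard(base)
        elif op == "store":
            loc, val = args[0], int(args[1], 16)
            owner = next((b for b, s in live.items() if b <= val < b + s), None)
            ptrs[loc] = [owner, False] if owner is not None else None
        elif op == "copy":  # taint-like propagation: the label travels with the value
            label = ptrs.get(args[1])
            ptrs[args[0]] = list(label) if label else None
        elif op == "free":
            base = int(args[0], 16)
            if live.pop(base, None) is None:
                if base in freed:
                    findings.append((n, "double-free", hex(base)))
                continue
            freed.add(base)
            for loc, label in ptrs.items():
                if label and label[0] == base:  # includes interior pointers
                    label[1] = True
                    findings.append((n, "dangling", loc))
        elif op == "deref":
            label = ptrs.get(args[0])
            if label and label[1]:
                findings.append((n, "use-after-free", args[0]))
    return findings
```

On the sample trace, the three pointers to the first object are labeled dangling at the `free`, before the later dereference and second `free` are reached.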

Original Twitter link: https://twitter.com/_argp/statuses/505011997445193728