by azakai
1665 days ago
> prevent any use-after-free (by just zeroing out the freed memory)

It's not quite that simple if you want to reuse that memory address. Not reusing memory addresses is a definite option, but it won't work well on 32-bit (you can run out of address space). On 64-bit you may eventually hit limits as well (if you have many pages kept alive by small amounts of usage inside them).

It is however possible to make use-after-free type-safe at least, see e.g. Type-After-Type, https://dl.acm.org/doi/10.1145/3274694.3274705

Type safety removes most of the risk of use-after-free (it becomes equivalent to the indexes-in-an-array pattern: you can use the wrong index and look at "freed" data but you can't view a raw pointer or corrupt one). That's in return for something like 10% overhead, so it is a tradeoff, of course.

Rust is a definite improvement on the state of the art in this area.
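The three options the comment contrasts, shown as an added example that is not part of the thread and not code from the Type-After-Type paper: a toy slot allocator in C with zero-on-free and type-blind reuse, the same allocator split into one pool per type (a miniature of the type-segregated idea), and a mode that never reuses a freed slot. The `struct pool`, `struct handler` and all function names are invented for this demonstration; the 4-slot "heap" is deliberately tiny so that exhaustion without reuse is visible.

```c
#include <stddef.h>
#include <string.h>

/* Added example, not from the thread: names and layout are invented here. */

#define SLOTS     4    /* tiny "heap" so exhaustion is easy to hit */
#define SLOT_SIZE 32

/* An object with a code pointer: the classic use-after-free target. */
struct handler {
    void (*fn)(void);
    int id;
};

struct pool {
    unsigned char mem[SLOTS][SLOT_SIZE];
    int free_stack[SLOTS];   /* LIFO free list: last freed slot is reused first */
    int free_top;
    int reuse;               /* 0 = never hand out a freed slot again */
};

static void pool_init(struct pool *p, int reuse) {
    p->free_top = 0;
    p->reuse = reuse;
    for (int i = SLOTS - 1; i >= 0; i--) p->free_stack[p->free_top++] = i;
}

static void *pool_alloc(struct pool *p, size_t n) {
    if (n > SLOT_SIZE || p->free_top == 0) return NULL;
    return p->mem[p->free_stack[--p->free_top]];
}

static void pool_free(struct pool *p, void *ptr) {
    unsigned char *base = &p->mem[0][0];
    int slot = (int)(((unsigned char *)ptr - base) / SLOT_SIZE);
    memset(ptr, 0, SLOT_SIZE);           /* "just zeroing out the freed memory" */
    if (p->reuse) p->free_stack[p->free_top++] = slot;
}

static void legit_a(void) {}
static void legit_b(void) {}

static int bytes_all(const void *v, size_t n, unsigned char val) {
    const unsigned char *b = v;
    for (size_t i = 0; i < n; i++) if (b[i] != val) return 0;
    return 1;
}

/* One pool for every type. Zeroing on free does not help once the slot is
 * reused by an attacker-filled byte buffer: the dangling handler pointer now
 * reads 0x41 bytes as its code pointer. Returns 1 if that happened. */
int untyped_reuse_corrupts_fn(void) {
    struct pool p;
    pool_init(&p, 1);
    struct handler *h = pool_alloc(&p, sizeof *h);
    h->fn = legit_a;
    h->id = 1;
    pool_free(&p, h);                                  /* h is now dangling */
    unsigned char *buf = pool_alloc(&p, SLOT_SIZE);    /* LIFO: same slot as h */
    memset(buf, 0x41, SLOT_SIZE);                      /* attacker-controlled bytes */
    return bytes_all(&h->fn, sizeof h->fn, 0x41);
}

/* One pool per type. The byte buffer cannot land on the handler slot, so the
 * dangling pointer only ever sees zeroes or another valid handler: the
 * "wrong index into an array" failure, not a forged code pointer.
 * Returns 1 if both observations hold. */
int typed_reuse_stays_a_handler(void) {
    struct pool handlers, buffers;
    pool_init(&handlers, 1);
    pool_init(&buffers, 1);
    struct handler *h = pool_alloc(&handlers, sizeof *h);
    h->fn = legit_a;
    h->id = 1;
    pool_free(&handlers, h);
    unsigned char *buf = pool_alloc(&buffers, SLOT_SIZE); /* different pool */
    memset(buf, 0x41, SLOT_SIZE);
    int zeroed = bytes_all(&h->fn, sizeof h->fn, 0) && h->id == 0;
    struct handler *h2 = pool_alloc(&handlers, sizeof *h2); /* reuses h's slot */
    h2->fn = legit_b;
    h2->id = 2;
    return zeroed && h->fn == legit_b && h->id == 2;
}

/* Never reusing addresses: an alloc/free loop succeeds exactly SLOTS times and
 * then the pool is exhausted although nothing is live. With reuse it never
 * fails. Returns the number of successful allocations out of `rounds`. */
int allocations_before_exhaustion(int reuse, int rounds) {
    struct pool p;
    pool_init(&p, reuse);
    int ok = 0;
    for (int i = 0; i < rounds; i++) {
        void *x = pool_alloc(&p, 8);
        if (!x) break;
        ok++;
        pool_free(&p, x);
    }
    return ok;
}
```

The typed variant still lets the stale pointer observe the wrong object (`h` ends up aliasing `h2`), which is exactly the residual "wrong index" risk the comment describes; what it removes is the ability to turn attacker bytes into a code pointer. The no-reuse mode makes the address-space cost concrete: each freed slot is dead forever, so the pool fills up even with one live object at a time.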