by pcwalton 1636 days ago
Some sort of pointer tagging system, like 128-bit pointers where the upper word is a unique generation ID, might be the simplest approach to eliminate security problems from use-after-free, but it's going to have some amount of runtime overhead (though new hardware features may help to reduce it).

Alternately, use a GC.

1 comments

Another option is something like Type-After-Type (make allocations use type-specific regions, so use-after-free is still fully type safe at least):

https://download.vusec.net/papers/tat_acsac18.pdf

Yes, something like that may work. Note that this approach also has time and memory overhead quoted in the paper. There's no free lunch.
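
Added example, not code from this thread or from the linked paper: a minimal C sketch of the generation-ID scheme from the first comment, where a two-word pointer carries the ID of the allocation it was issued for and every dereference compares it with the slot's header. The names `gen_ptr`, `gp_alloc`, `gp_deref` and `gp_free` and the fixed four-slot pool are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Slot header records the generation of the current occupant (0 = free). */
typedef struct {
    uint64_t gen;
    unsigned char data[32];
} slot_t;

/* 128-bit "fat" pointer on a 64-bit target: address word plus generation word. */
typedef struct {
    slot_t  *slot;
    uint64_t gen;
} gen_ptr;

static slot_t   pool[4];        /* hypothetical pool, never returned to the OS */
static uint64_t next_gen = 1;   /* monotonic, so IDs are never reused */

gen_ptr gp_alloc(void) {
    for (size_t i = 0; i < sizeof pool / sizeof pool[0]; i++)
        if (pool[i].gen == 0) {
            pool[i].gen = next_gen++;
            return (gen_ptr){ &pool[i], pool[i].gen };
        }
    return (gen_ptr){ NULL, 0 };    /* pool exhausted */
}

/* Checked dereference: this comparison on every access is the overhead. */
void *gp_deref(gen_ptr p) {
    if (p.slot == NULL || p.gen == 0 || p.slot->gen != p.gen)
        return NULL;                /* null or stale pointer */
    return p.slot->data;
}

/* Freeing clears the header, invalidating every copy of the pointer. */
int gp_free(gen_ptr p) {
    if (gp_deref(p) == NULL)
        return -1;                  /* stale pointer or double free */
    p.slot->gen = 0;
    return 0;
}

int main(void) {
    gen_ptr a = gp_alloc(), stale = a;  /* two copies of one pointer */
    gp_free(a);
    gen_ptr b = gp_alloc();             /* same slot, new generation */
    printf("reused=%d stale_null=%d\n", stale.slot == b.slot, gp_deref(stale) == NULL);
    return 0;
}
```

The stale copy still points at the reused slot, but its generation no longer matches the header, so the access is refused instead of aliasing the new object.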