by IshKebab
440 days ago
Good question. If I had to bet, I'd say something like half of the 70% would be prevented. Yeah, it wouldn't really help with lifetime issues or type confusion, but a huge proportion of that 70% is simple out-of-bounds memory accesses. But don't forget lots of open source code is written in C, and this barely helps there.

Sure, but the other half are use-after-frees and those would not be exploitable anyway because of CFI and shadow stacks.