Everything you want to know about pointer-based checking

Santosh Nagarakatte, Milo M.K. Martin, Steve Zdancewic

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

24 Scopus citations


Lack of memory safety in C/C++ has resulted in numerous security vulnerabilities and serious bugs in large software systems. This paper highlights the challenges in enforcing memory safety for C/C++ programs and progress made as part of the SoftBoundCETS project. We have been exploring memory safety enforcement at various levels - in hardware, in the compiler, and as a hardware-compiler hybrid - in this project. Our research has identified that maintaining metadata with pointers in a disjoint metadata space and performing bounds and use-after-free checking can provide comprehensive memory safety. We describe the rationale behind the design decisions and its ramifications on various dimensions, our experience with the various variants that we explored in this project, and the lessons learned in the process. We also describe and analyze the forthcoming Intel Memory Protection Extensions (MPX) that provides hardware acceleration for disjoint metadata and pointer checking in mainstream hardware, which is expected to be available later this year.

Original language: English (US)
Title of host publication: 1st Summit on Advances in Programming Languages, SNAPL 2015
Editors: Thomas Ball, Rastislav Bodik, Benjamin S. Lerner, Greg Morrisett, Shriram Krishnamurthi
Publisher: Schloss Dagstuhl - Leibniz-Zentrum für Informatik GmbH, Dagstuhl Publishing
Number of pages: 19
ISBN (Electronic): 9783939897804
State: Published - May 1 2015
Event: 1st Summit on Advances in Programming Languages, SNAPL 2015 - Asilomar, United States
Duration: May 3 2015 - May 6 2015

Publication series

Name: Leibniz International Proceedings in Informatics, LIPIcs
ISSN (Print): 1868-8969


Other: 1st Summit on Advances in Programming Languages, SNAPL 2015
Country: United States

All Science Journal Classification (ASJC) codes

  • Software


  • Buffer overflows
  • Dangling pointers
  • Memory safety
  • Pointer-based checking
  • Softboundcets
