The rising systems programming language Rust is fast, efficient and memory safe. However, improperly dereferencing raw pointers in Rust causes new safety problems. In this paper, we present a detailed analysis of these problems and propose a practical hybrid approach to detecting unsafe raw pointer dereferencing behaviors. Our approach employs pattern matching to identify functions that can be used to generate illegal multiple mutable references (we define these as thief functions) and instruments the dereferencing operation in order to perform dynamic checking at runtime. We implement a tool named UnsafeFencer, which has successfully identified 52 thief functions in 28 real-world crates*, of which 13 public functions are verified to generate multiple mutable references.
Zhijian HUANG
National University of Defense Technology
Yong Jun WANG
National University of Defense Technology
Jing LIU
National University of Defense Technology
Zhijian HUANG, Yong Jun WANG, Jing LIU, "Detecting Unsafe Raw Pointer Dereferencing Behavior in Rust" in IEICE TRANSACTIONS on Information,
vol. E101-D, no. 8, pp. 2150-2153, August 2018, doi: 10.1587/transinf.2018EDL8040.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2018EDL8040/_p
@ARTICLE{e101-d_8_2150,
author={Zhijian HUANG and Yong Jun WANG and Jing LIU},
journal={IEICE TRANSACTIONS on Information},
title={Detecting Unsafe Raw Pointer Dereferencing Behavior in Rust},
year={2018},
volume={E101-D},
number={8},
pages={2150-2153},
keywords={},
doi={10.1587/transinf.2018EDL8040},
ISSN={1745-1361},
month={August},}
TY - JOUR
TI - Detecting Unsafe Raw Pointer Dereferencing Behavior in Rust
T2 - IEICE TRANSACTIONS on Information
SP - 2150
EP - 2153
AU - Zhijian HUANG
AU - Yong Jun WANG
AU - Jing LIU
PY - 2018
DO - 10.1587/transinf.2018EDL8040
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E101-D
IS - 8
JA - IEICE TRANSACTIONS on Information
Y1 - August 2018
ER -