Heap_Detective: detect heap memory pitfalls in C++ and C


This tool uses taint analysis as its static analysis technique and aims to identify points of vulnerable heap memory usage in C and C++ code. Its first phase takes a common static analysis approach, using tokenization to collect information.

The second phase departs from the usual lessons of the legendary dragon book: the tool does not use an AST or resources like LLVM, and it does not follow the standard parser approach. The approach presented here aims to explore other ways of detecting vulnerabilities, using custom vector structures and a typical recursive traversal with ranking that follows each taint point. The sum of these techniques is Heap_detective.


  •     C and C++ tokenizer
  •     List of heap static routes for each source with taint points for analysis
  •     Analyser to detect double free vulnerability
  •     Analyser to detect use after free vulnerability
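
The two phases described above can be sketched in a few lines. This is an added example, not part of the original post and not Heap_detective's own code: the names `Finding`, `tokenize`, `scan` and `SAMPLE` are hypothetical, and the scan is a simple linear state tracker rather than the tool's ranked recursive traversal. It assumes straight-line code and ignores aliases, branches, comments and string literals.

```cpp
#include <cctype>
#include <cstdio>
#include <map>
#include <string>
#include <vector>
// Added illustration, not Heap_detective's code: token-driven heap-state tracking.
struct Finding { std::string kind, var; int line; };
using Tokens = std::vector<std::pair<std::string, int>>;   // (text, line number)
// Constructed sample: use after free on line 3, double free on line 4.
static const char* SAMPLE =
    "char *a = (char *)malloc(16);\nfree(a);\na[0] = 'x';\nfree(a);\n"
    "a = NULL;\nchar *b = malloc(8);\nfree(b);\n";

// Phase 1: split source into word tokens and single-character punctuation.
static Tokens tokenize(const std::string& src) {
    Tokens toks;
    std::string cur; int line = 1;
    for (unsigned char c : src + "\n") {
        if (std::isalnum(c) || c == '_') { cur += (char)c; continue; }
        if (!cur.empty()) { toks.push_back({cur, line}); cur.clear(); }
        if (c == '\n') ++line;
        else if (!std::isspace(c)) toks.push_back({std::string(1, (char)c), line});
    }
    return toks;
}

// Phase 2: walk tokens in source order; each heap pointer is a taint point with a state.
std::vector<Finding> scan(const std::string& src) {
    std::map<std::string, bool> freed;                  // tracked pointer -> freed?
    std::vector<Finding> out;
    Tokens t = tokenize(src);
    auto is = [&](size_t k, const char* s) { return k < t.size() && t[k].first == s; };
    for (size_t i = 0; i < t.size(); ++i) {
        const std::string s = t[i].first;
        if (s == "malloc" || s == "calloc" || s == "realloc") {
            for (size_t j = i; j-- > 0 && !is(j, ";");)  // find "ptr =" in this statement
                if (is(j, "=") && j > 0) { freed[t[j - 1].first] = false; break; }
        } else if (s == "free" && is(i + 1, "(") && is(i + 3, ")")) {
            const std::string v = t[i + 2].first;
            if (freed.count(v) && freed[v]) out.push_back({"double-free", v, t[i].second});
            freed[v] = true; i += 3;                     // mark freed, skip "( v )"
        } else if (freed.count(s) && freed[s]) {
            if (is(i + 1, "=") && !is(i + 2, "=")) freed.erase(s);   // pointer reassigned
            else out.push_back({"use-after-free", s, t[i].second});
        }
    }
    return out;
}
int main() { for (auto& f : scan(SAMPLE)) std::printf("line %d: %s (%s)\n", f.line, f.kind.c_str(), f.var.c_str()); }
```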
