Detecting Unsafe Raw Pointer Dereferencing Behavior in Rust
Zhijian HUANG Yong Jun WANG Jing LIU
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2018/08/01
Online ISSN: 1745-1361
Type of Manuscript: LETTER
Category: Dependable Computing
Keywords: unsafe rust, raw pointer dereferencing, multiple mutable references, thief function
The rising systems programming language Rust is fast, efficient and memory safe. However, improperly dereferencing raw pointers in Rust causes new safety problems. In this paper, we present a detailed analysis of these problems and propose a practical hybrid approach to detecting unsafe raw pointer dereferencing behaviors. Our approach employs pattern matching to identify functions that can be used to generate illegal multiple mutable references (we define these as thief functions) and instruments the dereferencing operation in order to perform dynamic checking at runtime. We implement a tool named UnsafeFencer, which has successfully identified 52 thief functions in 28 real-world crates, of which 13 public functions are verified to generate multiple mutable references.
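The following added example, which is not code from the paper or from UnsafeFencer, illustrates the two ideas in the abstract: a function shape that can hand out multiple mutable references through a raw pointer dereference, and a runtime check at the dereference that rejects the second one. The `thief` signature and the `Fenced`, `Guard` and `deref_checked` names are assumptions made for illustration.

```rust
use std::cell::Cell;
use std::ops::{Deref, DerefMut};

// Assumed thief shape: returned &mut is detached from the borrow of `v`. Never called here.
#[allow(dead_code)]
fn thief<'a>(v: &mut Vec<u32>) -> &'a mut Vec<u32> {
    let p: *mut Vec<u32> = v;
    unsafe { &mut *p }
}

// Hypothetical fence: a raw pointer plus a flag recording a live mutable reference.
struct Fenced<T> { ptr: *mut T, live: Cell<bool> }
struct Guard<'f, T> { fence: &'f Fenced<T> }
impl<T> Fenced<T> {
    fn new(value: T) -> Self {
        Fenced { ptr: Box::into_raw(Box::new(value)), live: Cell::new(false) }
    }
    // Instrumented dereference: refuse while another mutable reference is live.
    fn deref_checked<'f>(&'f self) -> Result<Guard<'f, T>, &'static str> {
        if self.live.replace(true) { return Err("multiple mutable references"); }
        Ok(Guard { fence: self })
    }
}
impl<'f, T> Deref for Guard<'f, T> {
    type Target = T;
    fn deref(&self) -> &T { unsafe { &*self.fence.ptr } }
}
impl<'f, T> DerefMut for Guard<'f, T> {
    fn deref_mut(&mut self) -> &mut T { unsafe { &mut *self.fence.ptr } }
}
impl<'f, T> Drop for Guard<'f, T> {
    fn drop(&mut self) { self.fence.live.set(false); } // release on scope exit
}
impl<T> Drop for Fenced<T> {
    fn drop(&mut self) { unsafe { drop(Box::from_raw(self.ptr)); } }
}

// Returns (second dereference rejected, dereference allowed after release, final data).
fn demo() -> (bool, bool, Vec<u32>) {
    let fence = Fenced::new(vec![1, 2]);
    let mut first = fence.deref_checked().unwrap();
    let rejected = fence.deref_checked().is_err(); // `first` is still live
    first.push(3);
    drop(first);
    let allowed = fence.deref_checked().map(|mut g| g.push(4)).is_ok();
    let data = fence.deref_checked().unwrap().to_vec();
    (rejected, allowed, data)
}
fn main() { println!("{:?}", demo()); }
```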