Author(s): David Dewey and Jon Giffin

Download: Paper (PDF)

Date: 8 Feb 2012

Document Type: Briefing Papers

Additional Documents: Slides

Associated Event: NDSS Symposium 2012


The complexities of C++ create new memory safety vulnerabilities not present in simpler software. We present vtable escape bugs, a type confusion error present in real, deployed C++ software, and we show how automated binary code analyses can statically detect the security defects by reconstructing high-level classes and objects.