Abstract
- Ensure a program get and only get expected data from Main Memory and Register
- To achieve Memory Safety, we need to achieve the absence of undefined behaviour
Note
It can be perfectly safe to have a pointer to freed memory. The important thing is to not use that pointer again, like reading it or freeing it etc
Poor Memory Safety
- Segmentation Fault that leads to a crash in the Process (进程) or write into other parts of the process
- When hackers can write into other parts of the process, they can use malicious input to trick the program from doing unwanted things. 70% of reported security vulnerabilities in low-level systems are caused by memory corruption. Memory Safe Languages in Android 13 reduces vulnerabilities
- Backdoor that some hackers are taking advantages of, and many other memory errors
Achieve Memory Safety
Rust
- Ensure Memory Safety at compile time, reducing potential runtime errors without sacrificing speed
Java
- Take care of memory management with a Garbage Collector during runtime, this comes with performance compromise
C++
- Make use of Smart Pointers to automate the memory management during runtime
- However, developers are still able to perform memory management directly. Developers need to follow best practices to minimise the chance of violating memory safety