A Pointer-Ownership Model for C Inspired by Rust
• Conference Paper
Publisher
Association for Computing Machinery (ACM)
DOI (Digital Object Identifier)
10.1145/3814943.3816182
Abstract
Memory-safety bugs are a major source of vulnerabilities in C code. Much work has focused on spatial memory safety (e.g., buffer overflows), while temporal memory safety (e.g., use-after-free) has received less attention. One solution for achieving temporal memory safety is to apply an ownership model to an existing program and enforce it. In this paper, we describe the design and implementation of a new temporal memory safety model for C source code. Our design improves on CERT’s Pointer Ownership Model with enhancements including use of a SAT solver to enforce constraint satisfaction, LLMs to complete a per-program model, and an improved mechanism to prevent use-after-free errors inspired by Rust’s borrow checker and object lifetimes. Our implementation performed well on a large test suite of memory-safe and memory-unsafe code examples. We tested all 4,604 C code examples for the 5 CWEs associated with temporal memory safety (CWEs 401, 415, 416, 590, 761) from the Juliet C/C++ test suite. In our tests, all of the memory-unsafe examples were correctly recognized as unsafe, and 81% of the 2,302 memory-safe examples were correctly recognized as memory-safe.
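As an added illustration, not the paper's implementation or code, the single-owner discipline the abstract describes can be applied to a recorded trace of pointer events: one owner per object, borrows allowed only while the object is alive, and only the owner may free. The event kinds, holder labels, object ids and the toy's verdict codes below are assumptions; only the CWE numbers come from the paper's test set.

```c
/* Added illustration, not the paper's implementation: a toy checker that
 * applies a single-owner discipline to a recorded trace of pointer events.
 * One owner per heap object; others may only borrow it while it is alive and
 * only the owner may free it. Use after free -> CWE-416, double free ->
 * CWE-415, still alive at the end -> CWE-401 (ids from the paper's test set). */
#include <string.h>

enum ev_kind { EV_ALLOC, EV_BORROW, EV_USE, EV_FREE };
enum verdict { OK = 0, FREE_BY_BORROWER = -1,   /* model rule, not a CWE */
               CWE_401 = 401, CWE_415 = 415, CWE_416 = 416 };

struct event { enum ev_kind kind; int obj; const char *holder; };
struct obj_state { const char *owner; int allocated; int alive; };
#define MAX_OBJ 8   /* assumption: obj ids are 0..MAX_OBJ-1 */

/* Walk the trace in program order; return the first violation, or OK. */
int check_trace(const struct event *ev, int n)
{
    struct obj_state st[MAX_OBJ];
    memset(st, 0, sizeof st);
    for (int i = 0; i < n; i++) {
        struct obj_state *o = &st[ev[i].obj];
        switch (ev[i].kind) {
        case EV_ALLOC:              /* allocating holder becomes the owner */
            o->owner = ev[i].holder; o->allocated = 1; o->alive = 1;
            break;
        case EV_BORROW:
        case EV_USE:                /* every access needs a live object */
            if (!o->alive) return CWE_416;
            break;
        case EV_FREE:
            if (!o->alive) return CWE_415;
            if (strcmp(o->owner, ev[i].holder) != 0) return FREE_BY_BORROWER;
            o->alive = 0;           /* lifetime ends; borrows now dangle */
            break;
        }
    }
    for (int j = 0; j < MAX_OBJ; j++)   /* owner never released the object */
        if (st[j].allocated && st[j].alive) return CWE_401;
    return OK;
}

/* Constructed trace shaped like a Juliet CWE-416 case: main allocates,
 * helper borrows, main frees, helper still uses the borrowed pointer. */
int example_use_after_free(void)
{
    const struct event t[] = { { EV_ALLOC, 0, "main" }, { EV_BORROW, 0, "helper" },
                               { EV_FREE, 0, "main" }, { EV_USE, 0, "helper" } };
    return check_trace(t, 4);   /* returns 416 */
}
```

A static tool such as the one the paper describes reasons over all program paths rather than one recorded trace, but the rule it enforces on each path is the same: no access past the owner's release.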