Pointer Ownership Model

Pointers are a dangerous feature of C/C++, and incorrect use of them is a common source of bugs and vulnerabilities. Nonetheless, many C/C++ programmers work with pointers safely by maintaining an internal model of when memory accessed through pointers should be allocated and subsequently freed.

Our pointer ownership research aims to eliminate vulnerabilities resulting from accessing freed memory, multiple frees, freeing memory not allocated by standard allocation functions, and memory leaks. We are working on a practical approach that is timely, implementable, and scalable, and that minimizes programmer effort, annotation effort, and runtime overhead.

The research approach is to design and implement the Pointer Ownership Model (POM). This model can statically identify classes of errors that involve dynamic memory in C programs. The model works by requiring the developer to identify responsible pointers (i.e., pointers whose objects must be explicitly freed before the pointers themselves may be destroyed). The POM can be statically analyzed to ensure that the design is consistent and secure, and that the code correctly implements the design. Consequently, the POM can be used to identify and eliminate many dynamic memory errors from C programs.
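The following C program is an added illustration of the ownership discipline described above; it is not code from the POM project or its analysis tool. It marks one struct field as a responsible pointer and another as a borrowed (irresponsible) alias, shows an explicit ownership transfer, and uses a small constructed ownership ledger (`own_alloc`, `own_release`, `own_live_count`, all assumed names) as a runtime stand-in for the checks POM performs statically, so that each of the four error classes named in the text (double free, free of non-heap memory, leak, and the dangling alias left behind by a transfer) is reported instead of executed as undefined behaviour.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_LIVE 64

/* Constructed ownership ledger (an assumption for this example, not part of
 * POM): it records which heap objects are currently live so that a free of
 * anything else can be refused instead of passed to free(). */
static void *live[MAX_LIVE];
static size_t n_live = 0;

static int ledger_find(const void *p) {
    for (size_t i = 0; i < n_live; i++)
        if (live[i] == p) return (int)i;
    return -1;
}

void *own_alloc(size_t n) {
    void *p = malloc(n);
    if (p && n_live < MAX_LIVE) live[n_live++] = p;
    return p;
}

/* Returns 0 on success, -1 if p is not a live object from own_alloc
 * (already freed, or never heap-allocated by this allocator). */
int own_release(void *p) {
    int i = ledger_find(p);
    if (i < 0) return -1;
    live[i] = live[--n_live];
    free(p);
    return 0;
}

size_t own_live_count(void) { return n_live; }

typedef struct record {
    char *name;        /* responsible pointer: this record owns the string */
    const char *view;  /* irresponsible pointer: borrowed alias, never freed here */
} record_t;

/* Ownership of the returned record, and of r->name, passes to the caller. */
record_t *record_new(const char *name) {
    record_t *r = own_alloc(sizeof *r);
    if (!r) return NULL;
    size_t len = strlen(name) + 1;
    r->name = own_alloc(len);
    if (!r->name) { own_release(r); return NULL; }
    memcpy(r->name, name, len);
    r->view = r->name;  /* alias into the same object; responsibility stays with name */
    return r;
}

/* Transfers responsibility for the string to the caller. The record's own
 * pointers are cleared so record_free() cannot free it a second time and the
 * alias cannot dangle once the caller frees the string. */
char *record_take_name(record_t *r) {
    char *s = r->name;
    r->name = NULL;
    r->view = NULL;
    return s;
}

/* Frees whatever the record is still responsible for. Returns 0, or -1 if
 * the ledger refused a release (which would indicate an ownership bug). */
int record_free(record_t *r) {
    if (!r) return 0;
    int rc_name = r->name ? own_release(r->name) : 0;
    int rc_rec = own_release(r);
    return (rc_name || rc_rec) ? -1 : 0;
}

/* Disciplined lifecycle: create, transfer, free both owners exactly once.
 * Returns the number of live objects afterwards; 0 means nothing leaked. */
size_t demo_clean_lifecycle(void) {
    record_t *r = record_new("alice");
    char *s = record_take_name(r);  /* caller is now responsible for s */
    record_free(r);                 /* frees only the record, not s */
    own_release(s);
    return own_live_count();
}

/* Each error class from the text, caught by the ledger. Returns a bitmask:
 * 1 = double free, 2 = free of non-heap memory, 4 = leak, 8 = dangling alias. */
int demo_detected_errors(void) {
    int detected = 0;
    record_t *r = record_new("bob");
    char *s = record_take_name(r);
    if (r->view == NULL) detected |= 8;         /* alias invalidated by the transfer */
    if (own_release(s) == 0 && own_release(s) != 0) detected |= 1;
    char stackbuf[8];
    if (own_release(stackbuf) != 0) detected |= 2;
    record_free(r);
    record_t *leaked = record_new("carol");      /* record + name allocated ... */
    if (own_live_count() == 2) detected |= 4;    /* ... and still live: a leak */
    record_free(leaked);                         /* clean up so the ledger ends empty */
    return detected;
}

int main(void) {
    printf("live after clean lifecycle: %zu\n", demo_clean_lifecycle());
    printf("errors detected: %d\n", demo_detected_errors());
    return 0;
}
```

The point of the ledger is to make the ownership contract observable: every object has exactly one responsible pointer, a transfer clears the old one, and any release that does not match a live responsible pointer is an ownership violation. POM aims to establish the same properties at compile time from the developer's responsible-pointer annotations, so the runtime bookkeeping here is only a teaching device.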