
Good question. If I had to bet, I'd say something like half of the 70% would be prevented. Yeah, it wouldn't really help with lifetime issues or type confusion, but a huge proportion of that 70% is simple out-of-bounds memory accesses.

But don't forget lots of open source code is written in C and this barely helps there.



> something like half of the 70% would be prevented

Sure, but the other half are use-after-frees and those would not be exploitable anyway because of CFI and shadow stacks.


That is a very bold claim!




