What IF Is Not Enough? Fixing Null Pointer Dereference With Contextual Check

Yunlong Xing, Qi Li

33rd USENIX Security Symposium · Day 1 · USENIX Security '24

Null Pointer Dereference (NPD) is a pervasive and critical class of software vulnerabilities that occurs when a program attempts to access memory via a null pointer. This operation almost invariably leads to a program crash, often manifesting as a segmentation fault. When exploited by malicious actors, NPDs can have severe consequences, ranging from Denial of Service (DoS) and resource leakage to arbitrary code execution and system-wide crashes. The talk, "What IF Is Not Enough? Fixing Null Pointer Dereference With Contextual Check," presented by Yunlong Xing from George Mason University, introduces CONK, a novel approach designed to generate more accurate patches for NPD errors by incorporating valuable contextual information that prior automated patching techniques often overlook.
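To make the "IF is not enough" point concrete, here is an added C illustration written for this summary (not code from the talk or from CONK): the same function shown unpatched, patched with a bare null check that ignores the lock acquired just above it, and patched with a check that also unwinds that context. The record store, the lock flag and the failing lookup are constructed for the example.

```c
#include <string.h>

/* Constructed example: a record store with a one-flag "lock" we can inspect.
 * The types, the lookup and its failure case are assumptions for illustration. */
typedef struct { const char *name; } record_t;
typedef struct { int lock_held; int updates; } store_t;

static record_t known = { "alice" };

/* Simulated lookup: returns NULL for an unknown key, as a real lookup might. */
static record_t *lookup(store_t *s, const char *key) {
    (void)s;
    return strcmp(key, "alice") == 0 ? &known : NULL;
}

/* Unpatched: dereferences the lookup result without checking it (the NPD). */
int update_unpatched(store_t *s, const char *key) {
    s->lock_held = 1;                       /* acquire */
    record_t *r = lookup(s, key);
    size_t n = strlen(r->name);             /* crashes when r is NULL */
    s->updates++;
    s->lock_held = 0;                       /* release */
    return (int)n;
}

/* "IF only" patch: the null check is inserted, but the surrounding context
 * (the lock taken above) is ignored, so the early return leaks the lock. */
int update_if_only(store_t *s, const char *key) {
    s->lock_held = 1;
    record_t *r = lookup(s, key);
    if (r == NULL) return -1;               /* lock_held stays 1 */
    size_t n = strlen(r->name);
    s->updates++;
    s->lock_held = 0;
    return (int)n;
}

/* Contextual patch: the check also restores the state established before it. */
int update_contextual(store_t *s, const char *key) {
    s->lock_held = 1;
    record_t *r = lookup(s, key);
    if (r == NULL) { s->lock_held = 0; return -1; }  /* release, then bail out */
    size_t n = strlen(r->name);
    s->updates++;
    s->lock_held = 0;
    return (int)n;
}
```

The middle version no longer crashes, yet every failed lookup leaves the store locked, which is the kind of context-blind patch the talk argues against.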

AI review

This talk presents CONK, a novel framework for automatically patching Null Pointer Dereference vulnerabilities. It significantly improves upon prior work by integrating crucial contextual information, leading to a much higher rate of correct patches. This isn't just another `if` check paper; it's a substantive step forward in automated program repair.
