memory-safety
Safeguard articles tagged "memory-safety" — guides, analysis, and best practices for software supply chain and application security.
39 articles
Type confusion vulnerabilities explained
Type confusion bugs let attackers corrupt memory by exploiting mismatched type assumptions. See real CVEs, how JIT engines fail, and how to catch it early.
Out-of-Bounds Read Vulnerabilities (CWE-125) Explained
How out-of-bounds read vulnerabilities (CWE-125) leak memory instead of crashing programs, why Heartbleed and Cloudbleed happened, and how to catch them in your dependencies.
Out-of-Bounds Write Vulnerabilities (CWE-787) Explained
CWE-787 out-of-bounds write bugs let attackers corrupt memory past a buffer's limit, causing crashes or code execution. Here's how they work.
Improper Restriction of Operations Within Memory Bounds
CWE-119 has topped MITRE's vulnerability rankings for years, from Heartbleed to WannaCry to the 2023 libwebp zero-day. Here's why it persists and how to catch it early.
Unsafe Rust code vulnerability patterns
RustSec advisories tied to unsafe code keep climbing. Here's how unsound FFI, transmute misuse, and unchecked indexing become real exploits.
Double-Free Vulnerabilities in C and C++
Double-free bugs let attackers corrupt heap memory and hijack control flow. Here's how they happen in C/C++, real CVEs, and how to catch them early.
Rust Memory Safety: A CVE Trend Analysis
Analysis of CVE data across Rust crates and std releases, measuring how memory safety affects vulnerability shape, density, and unsafe-block concentration.
Buffer Overflow Exploits: A Practical Example
A buffer overflow exploit example, walked through step by step, showing exactly how writing past the end of a fixed-size buffer can turn a simple C function into arbitrary code execution.
Use-After-Free Vulnerabilities: How They're Exploited
A use-after-free exploit turns a dangling pointer into arbitrary code execution — here's how the bug class works, why it still dominates browser and kernel CVEs, and how to catch it before release.
Zig's Memory Safety Model: A Security Analysis for Systems Programmers
Zig offers memory safety features that C lacks but does not go as far as Rust. For security-critical code, understanding where Zig sits on the safety spectrum matters.
What is Fuzzing
Fuzzing feeds programs malformed input at machine speed to trigger crashes and expose memory-safety bugs. Here's how fuzz testing works and why it matters.
CISA's Memory-Safe Languages Roadmap: What It Means for Software Development
CISA publishes a roadmap urging the industry to transition to memory-safe programming languages, targeting the root cause of roughly 70% of critical vulnerabilities.