An Analysis of the Use After Free Vulnerability (CWE-416)

What is it, Where does it happen, How can we prevent it?

soul of a nameless bard
4 min read · Oct 3, 2021

The Use After Free vulnerability is a type of memory safety vulnerability that occurs when a program accesses a region of heap memory after that region has been deallocated.

This is caused by an incorrect use of dynamic memory allocation such that the program continues to use a pointer after the memory location it refers to has been freed. Such a vulnerability can occur in programming languages that require the programmer to manually allocate and deallocate memory in the program source code such as C and C++.

The deallocated memory location is accessed through a special kind of pointer called a dangling pointer. A dangling pointer is one that still holds the address of a memory location it once referred to, even though that memory has since been deallocated.

This phenomenon arises at some point during program execution when the allocated memory is deallocated, so that it no longer holds a valid value. If the pointer was not manually cleared after the memory was freed, it still holds the address of that now-deallocated memory.
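The following is an added example, not code from the original article, that shows the dangling-pointer pattern described above beside a hardened form of the same code. The `session_t` record and the `session_open`, `session_close` and `session_id` functions are constructed for this illustration; the vulnerable variant `session_close_vulnerable` reads a freed block and is shown only for comparison, so `main()` never calls it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed for this example: a small "session" record kept on the heap. */
typedef struct {
    int id;
    char user[16];
} session_t;

/* Allocate and initialise a session; returns NULL if malloc fails. */
session_t *session_open(int id, const char *user) {
    session_t *s = malloc(sizeof *s);
    if (s == NULL) return NULL;
    s->id = id;
    strncpy(s->user, user, sizeof s->user - 1);
    s->user[sizeof s->user - 1] = '\0';
    return s;
}

/* VULNERABLE PATTERN (CWE-416): after free() the local `s` is a dangling
 * pointer, and the return statement reads a block the allocator has already
 * reclaimed. This is undefined behaviour, so main() deliberately never
 * calls it; it is here only to show the shape of the bug. */
int session_close_vulnerable(session_t *s) {
    free(s);
    return s->id;   /* use after free: reads freed memory */
}

/* HARDENED PATTERN: take a pointer-to-pointer so the caller's copy is
 * cleared in the same step as the free(); a second close is then a no-op
 * instead of a double free. */
void session_close(session_t **sp) {
    if (sp == NULL || *sp == NULL) return;
    free(*sp);
    *sp = NULL;     /* the dangling pointer is cleared here */
}

/* Every later use checks for the cleared pointer instead of dereferencing
 * a freed block: returns the id, or -1 for a closed session. */
int session_id(const session_t *s) {
    if (s == NULL) return -1;
    return s->id;
}

int main(void) {
    session_t *s = session_open(42, "alice");
    printf("before close: id=%d\n", session_id(s));   /* prints 42 */
    session_close(&s);
    printf("after close:  id=%d\n", session_id(s));   /* prints -1, not a stale read */
    session_close(&s);                                 /* harmless: pointer is already NULL */
    return 0;
}
```

Clearing the pointer at the point of `free()` is what turns a silent stale read into a detectable NULL dereference or, as here, an explicit error return; a sanitizer build (`-fsanitize=address`) would flag the vulnerable variant at the offending read.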

soul of a nameless bard

Research and reflections on various topics in systems and software/hardware engineering, design, biology, consciousness, metaphysics and spirituality