Ensuring memory safety in unmanaged languages is a significant challenge, as traditional approaches force a difficult trade-off between the efficiency of inline metadata and the flexibility of disjoint storage. Consequently, many solutions suffer from either prohibitive metadata overhead or an inability to interface with legacy binary code.
PSan is a compiler-based sanitizer that instruments programs with pointer checks to ensure memory safety. For better performance and compatibility, PSan pioneers the hybrid and simultaneous use of fat pointers and shadow memory in the instrumented program. To minimize metadata overhead, PSan’s whole-program analysis identifies eligible pointers with accurate and complete dataflow paths and consistently transforms all code along these paths. PSan uses shadow memory for the remaining pointers to preserve binary compatibility with legacy code and to tolerate pointer analysis inaccuracies. PSan reduces pointer-checking overhead by 44% compared with prior work.
Shengjie (John)’s work will appear at ACSAC 2025 next week. You can read the details here!
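To make the trade-off between the two metadata schemes concrete, here is a toy C sketch of a bounds check done once with inline metadata (a fat pointer) and once with disjoint metadata (a shadow table). It is an example added here, not PSan's code or instrumentation; `fat_ptr`, `shadow_alloc`, `shadow_check`, the fixed arena and the 16-byte granule are all hypothetical names and parameters chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Inline metadata: bounds travel with the pointer, so the check needs no
   lookup, but the pointer no longer has the layout legacy code expects. */
typedef struct { char *ptr; uintptr_t base, end; } fat_ptr;

static fat_ptr fat_from(char *p, size_t n) {
    return (fat_ptr){ p, (uintptr_t)p, (uintptr_t)p + n };
}
static int fat_check(fat_ptr p, size_t n) {
    uintptr_t a = (uintptr_t)p.ptr;
    return a >= p.base && a <= p.end && n <= p.end - a;
}

/* Disjoint metadata: a toy shadow table maps each 16-byte granule of a
   fixed arena to the bounds of the object occupying it. Pointers stay
   plain char *, so they can cross into uninstrumented code unchanged. */
#define ARENA_SIZE 4096
#define GRANULE 16
typedef struct { uintptr_t base, end; } bounds;
static char arena[ARENA_SIZE];
static bounds shadow[ARENA_SIZE / GRANULE];
static size_t arena_top;

static char *shadow_alloc(size_t n) {
    if (n == 0 || n > ARENA_SIZE - arena_top) return NULL;
    size_t rounded = (n + GRANULE - 1) / GRANULE * GRANULE;
    char *p = arena + arena_top;
    for (size_t g = arena_top / GRANULE; g < (arena_top + rounded) / GRANULE; g++)
        shadow[g] = (bounds){ (uintptr_t)p, (uintptr_t)p + n };
    arena_top += rounded;
    return p;
}
static int shadow_check(const char *p, size_t n) {
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)arena;
    if (a < lo || a >= lo + ARENA_SIZE) return 0; /* toy policy: untracked fails */
    bounds b = shadow[(a - lo) / GRANULE];
    return a >= b.base && a <= b.end && n <= b.end - a;
}

int main(void) {
    char buf[10];
    fat_ptr f = fat_from(buf, sizeof buf);
    char *s = shadow_alloc(24);
    f.ptr += 8;
    printf("fat: %d %d  shadow: %d %d\n", fat_check(f, 2), fat_check(f, 4),
           shadow_check(s, 24), shadow_check(s + 20, 8));
    return 0;
}
```

The fat pointer is three words wide and checks itself without a lookup; the shadow-tracked pointer stays one word wide and pays for a table lookup on each check.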
