Claude-skill-registry detecting-use-after-free
Detects use-after-free vulnerabilities by identifying pointer dereferences after memory deallocation. Use when analyzing memory management, cleanup code, or investigating dangling pointer issues.
install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/detecting-use-after-free" ~/.claude/skills/majiayu000-claude-skill-registry-detecting-use-after-free && rm -rf "$T"
manifest:
skills/data/detecting-use-after-free/SKILL.mdsource content
Use-After-Free Detection
Detection Workflow
- Identify free operations: Find all free(), realloc(), delete calls and note the pointer being freed
- Trace pointer usage: Use
to find all dereferences of the pointerxrefs_to - Check control flow: Analyze paths through code to identify usage after free
- Assess exploitability: Can attacker control freed memory? Is there a useful use-after-free? Can memory be reallocated?
Key Patterns
- Pointer dereference after free()
- Double free vulnerabilities
- Invalid pointer access after realloc()
- Reference counting issues
Output Format
Report with: id, type, subtype, severity, confidence, location, freed pointer, free operation, use operation, use-after-free status, distance, exploitability, attack scenario, impact, mitigation.
Severity Guidelines
- CRITICAL: Use-after-free with code execution
- HIGH: Use-after-free with data corruption
- MEDIUM: Use-after-free causing crashes
- LOW: Use-after-free with limited impact
See Also
- Detailed detection patterns and exploitation scenariospatterns.md
- Example analysis cases and code samplesexamples.md
- CWE references and mitigation strategiesreferences.md