Automated CFI for Legacy C/C++ Systems
Research Paper | Tags: Security, Compiler, CFI | Category: Research
Analyzed: Jan 3, 2026 19:43 | Published: Dec 27, 2025 20:38 | Source: ArXiv
Analysis
This paper presents CFIghter, an automated system for enabling Control-Flow Integrity (CFI) in large C/C++ projects. CFI is important for security, and automating its rollout addresses the significant challenges of deploying it in legacy codebases. The paper's focus on practical deployment and its evaluation on real-world projects make it significant.
Key Takeaways
- CFIghter automates the deployment of CFI in legacy C/C++ systems.
- It addresses visibility mismatches, type inconsistencies, and behavioral failures.
- The system uses whole-program analysis, runtime monitoring, and iterative adjustments.
- Evaluation on GNU projects demonstrates high success rates in violation repair and CFI enforcement.
Reference / Citation
"CFIghter automatically repairs 95.8% of unintended CFI violations in the util-linux codebase while retaining strict enforcement at over 89% of indirect control-flow sites."