<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="3.10.0">Jekyll</generator><link href="https://blazer502.github.io/feed.xml" rel="self" type="application/atom+xml" /><link href="https://blazer502.github.io/" rel="alternate" type="text/html" /><updated>2026-07-02T05:38:12+00:00</updated><id>https://blazer502.github.io/feed.xml</id><title type="html">Chanyoung Park</title><subtitle>I am a student in a Combined Master&apos;s and Doctorate program at UNIST (Ulsan National Institute of Science and Technology, South Korea) under the supervision of &lt;a href=&apos;https://hyungon.unist.ac.kr/&apos;&gt;Prof.Hyungon Moon&lt;/a&gt;.</subtitle><entry><title type="html">Starting this blog</title><link href="https://blazer502.github.io/blog/2026/07/01/starting-this-blog/" rel="alternate" type="text/html" title="Starting this blog" /><published>2026-07-01T00:00:00+00:00</published><updated>2026-07-01T00:00:00+00:00</updated><id>https://blazer502.github.io/blog/2026/07/01/starting-this-blog</id><content type="html" xml:base="https://blazer502.github.io/blog/2026/07/01/starting-this-blog/"><![CDATA[<p>I’ve kept notes for years in private files and scattered documents. This is my
attempt to move some of that into the open.</p>

<p>The plan is simple: write short, honest posts about the things I work on —
operating systems, memory safety, and system security — plus the occasional
note on papers I’m reading and lessons from research life. Nothing here is
meant to be a polished paper; it’s a place to think out loud.</p>

<p>For the formal record — publications, research experience, and education — see
my <a href="/">CV</a>.</p>

<p>If something here is wrong or could be sharper, tell me. That’s half the point
of writing it down.</p>]]></content><author><name></name></author><category term="Meta" /><category term="meta" /><summary type="html"><![CDATA[Why I'm starting a blog, and what I plan to write about — systems, security, and the day-to-day of research.]]></summary></entry><entry><title type="html">Use-after-free, in one page</title><link href="https://blazer502.github.io/blog/2026/06/18/use-after-free-in-one-page/" rel="alternate" type="text/html" title="Use-after-free, in one page" /><published>2026-06-18T00:00:00+00:00</published><updated>2026-06-18T00:00:00+00:00</updated><id>https://blazer502.github.io/blog/2026/06/18/use-after-free-in-one-page</id><content type="html" xml:base="https://blazer502.github.io/blog/2026/06/18/use-after-free-in-one-page/"><![CDATA[<p>A <strong>use-after-free (UAF)</strong> bug is what it sounds like: a program frees a chunk
of memory, then keeps using a pointer that still refers to it. The pointer is
now <em>dangling</em> — it points at an address the allocator considers free.</p>

<p>Why is that dangerous? Because the allocator will happily hand that same address
to the next allocation. Now two pieces of code believe they own the same bytes.
A read through the stale pointer can leak whatever the new owner put there; a
write can corrupt it. With careful heap grooming, that primitive turns into
control-flow hijacking.</p>

<p>What makes UAF stubborn is that the <em>bug</em> and the <em>exploit</em> are separated in
time. Freeing early is often correct; the mistake is holding a reference you
forgot about. Static analysis struggles with aliasing, and purely runtime
defenses have to decide the hard question: when is it truly safe to reuse an
address?</p>

<p>That “when is it safe to reuse” question is exactly what a lot of my work is
about — sweeping the heap to confirm no dangling references remain before an
address is recycled. My <a href="/">CV</a> links the papers.</p>]]></content><author><name></name></author><category term="Security" /><category term="security" /><category term="memory-safety" /><summary type="html"><![CDATA[A quick, high-level tour of what use-after-free bugs are and why they are so stubborn to eliminate.]]></summary></entry></feed>