Sciweavers

20 search results - page 1 / 4
» Buffer overrun detection using linear programming and static...
Sort
View
CCS
2003
ACM
13 years 10 months ago
Buffer overrun detection using linear programming and static analysis
This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a light-weight analysis based on modeling C stri...
Vinod Ganapathy, Somesh Jha, David Chandler, David...
NDSS
2000
IEEE
13 years 9 months ago
A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities
We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection...
David Wagner, Jeffrey S. Foster, Eric A. Brewer, A...
CJ
2010
150views more  CJ 2010»
13 years 2 months ago
Program Analysis Probably Counts
Abstract. Semantics-based program analysis uses an abstract semantics of programs/systems to statically determine run-time properties. Classic examples from compiler technology inc...
Alessandra Di Pierro, Chris Hankin, Herbert Wiklic...
ESOP
2008
Springer
13 years 7 months ago
Inferring Channel Buffer Bounds Via Linear Programming
We present a static analysis for inferring the maximum amount of buffer space used by a program consisting of concurrently running processes communicating via buffered channels. We...
Tachio Terauchi, Adam Megacz
SIGSOFT
2004
ACM
14 years 6 months ago
Testing static analysis tools using exploitable buffer overflows from open source code
Five modern static analysis tools (ARCHER, BOON, PolySpace C Verifier, Splint, and UNO) were evaluated using source code examples containing 14 exploitable buffer overflow vulnera...
Misha Zitser, Richard Lippmann, Tim Leek