Please use this identifier to cite or link to this item: https://research.matf.bg.ac.rs/handle/123456789/784
Title: Ensuring safe usage of buffers in programming language C
Authors: Vujošević Janičić, Milena 
Affiliations: Informatics and Computer Science 
Keywords: Automated bug detection; Buffer overflow; C programming language; Static analysis
Issue Date: 17-Nov-2008
Related Publication(s): ICSOFT 2008 - Proceedings of the 3rd International Conference on Software and Data Technologies
Abstract: 
We consider the problem of buffer overflows in C programs. This problem is very important because buffer overflows are suitable targets for security attacks and sources of serious program misbehavior. Buffer overflow bugs can be detected at run-time by dynamic analysis, and before run-time by static analysis. In this paper we present a new static, modular approach for automated detection of buffer overflows. Our approach is flow-sensitive and inter-procedural, and it deals with both statically and dynamically allocated buffers. Its architecture is flexible and pluggable - for instance, for checking generated correctness and incorrectness conditions, it can use any external automated theorem prover that follows SMT-LIB standards. The system uses an external and easily extendable knowledge database that stores all the reasoning rules so they are not hard-coded within the system. We also report on our prototype implementation, the FADO tool, and on its experimental results.
URI: https://research.matf.bg.ac.rs/handle/123456789/784
ISBN: 9789898111517
Appears in Collections: Research outputs
