Buffer overrun detection using linear programming and static analysis

27 October 2003

conference paper
conference paper
Published by Association for Computing Machinery (ACM)

p. 345-354
https://doi.org/10.1145/948109.948155

Abstract

This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a light-weight analysis based on modeling C string manipulations as a linear program. We also present fast, scalable solvers based on linear programming, and demonstrate techniques to make the program analysis context sensitive. Based on these techniques, we built a prototype and used it to identify several vulnerabilities in popular security critical applications.

Keywords

This publication has 12 references indexed in Scilit:

ARCHER
Published by Association for Computing Machinery (ACM) ,2003
CCured in the real world
Published by Association for Computing Machinery (ACM) ,2003
ABCD
Published by Association for Computing Machinery (ACM) ,2000
Symbolic bounds analysis of pointers, array indices, and accessed memory regions
Published by Association for Computing Machinery (ACM) ,2000
Pointer analysis for programs with structures and casting
Published by Association for Computing Machinery (ACM) ,1999
Presolving in linear programming
Mathematical Programming, 1995
Speeding up slicing
Published by Association for Computing Machinery (ACM) ,1994
Efficiently computing static single assignment form and the control dependence graph
ACM Transactions on Programming Languages and Systems, 1991
Interprocedural slicing using dependence graphs
ACM Transactions on Programming Languages and Systems, 1990
Fourier-Motzkin elimination and its dual
Journal of Combinatorial Theory, Series A, 1973

Cited by 51 articles