Buffer overrun detection using linear programming and static analysis
- 27 October 2003
- conference paper
- Published by Association for Computing Machinery (ACM)
- p. 345-354
- https://doi.org/10.1145/948109.948155
Abstract
This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a light-weight analysis based on modeling C string manipulations as a linear program. We also present fast, scalable solvers based on linear programming, and demonstrate techniques to make the program analysis context sensitive. Based on these techniques, we built a prototype and used it to identify several vulnerabilities in popular security critical applications.
This publication has 12 references indexed in Scilit:
- ARCHER. Published by Association for Computing Machinery (ACM), 2003
- CCured in the real world. Published by Association for Computing Machinery (ACM), 2003
- ABCD. Published by Association for Computing Machinery (ACM), 2000
- Symbolic bounds analysis of pointers, array indices, and accessed memory regions. Published by Association for Computing Machinery (ACM), 2000
- Pointer analysis for programs with structures and casting. Published by Association for Computing Machinery (ACM), 1999
- Presolving in linear programming. Mathematical Programming, 1995
- Speeding up slicing. Published by Association for Computing Machinery (ACM), 1994
- Efficiently computing static single assignment form and the control dependence graph. ACM Transactions on Programming Languages and Systems, 1991
- Interprocedural slicing using dependence graphs. ACM Transactions on Programming Languages and Systems, 1990
- Fourier-Motzkin elimination and its dual. Journal of Combinatorial Theory, Series A, 1973