Simon, Axel and King, Andy (2002) Analyzing String Buffers in C. In: Kirchner, Hélène and Ringeissen, Christophe, eds. International Conference on Algebraic Methodology and Software Technology. Lecture Notes in Computer Science, 2422 . Springer, pp. 365-379. ISBN 3-540-44144-1. (doi:10.1007/3-540-45719-4_25) (KAR id:13750)
PDF
Language: English |
|
Download this file (PDF/392kB) |
Preview |
Request a format suitable for use with assistive technology e.g. a screenreader | |
Official URL: http://dx.doi.org/10.1007/3-540-45719-4_25 |
Abstract
A buffer overrun occurs in a C program when input is read into a buffer whose length exceeds that of the buffer. Overruns often lead to crashes and are a widespread form of security vulnerability. This paper describes an analysis for detecting overruns before deployment which is conservative in the sense that it locates every possible buffer overrun. The paper details the subtle relationship between overrun analysis and pointer analysis and explains how buffers can be modeled with a linear number of variables. As far as we know, the paper gives the first formal account of how this software and security problem can be tackled with abstract interpretation, setting it on a firm, mathematical basis.
Item Type: | Book section |
---|---|
DOI/Identification number: | 10.1007/3-540-45719-4_25 |
Additional information: | Also see http://www.springer.de/comp/lncs/index.html |
Uncontrolled keywords: | abstract interpretation, C, buffer overflows |
Subjects: | Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, |
Divisions: | Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing |
Depositing User: | Andy King |
Date Deposited: | 24 Nov 2008 17:59 UTC |
Last Modified: | 05 Nov 2024 09:47 UTC |
Resource URI: | https://kar.kent.ac.uk/id/eprint/13750 (The current URI for this page, for reference purposes) |
- Link to SensusAccess
- Export to:
- RefWorks
- EPrints3 XML
- BibTeX
- CSV
- Depositors only (login required):