Static analysis by abstract interpretation: application to the detection of heap overflows

被引：4

作者：

Allamigeon, Xavier ^{[1
,2
]}

Hymans, Charles ^{[1
]}

机构：

[1] EADS Innovat Works, SE CS, Suresnes, France

[2] CEA, LIST MeASI, Gif Sur Yvette, France

来源：

JOURNAL OF COMPUTER VIROLOGY AND HACKING TECHNIQUES | 2008年 / 4卷 / 01期

关键词：

D O I：

10.1007/s11416-007-0063-z

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Several security flaws are the consequence of the presence of programming errors or bugs in software. Heap overflow is the typical example of such errors that allows an attacker to take control of a machine. But considering the growing size and complexity of present software, implementing programs without any error is not an easy task. In this paper, we present a static analysis by abstract interpretation that is focused on security properties: without executing the program, it ensures the absence of any heap overflows.

引用

页码：5 / 23

页数：19

共 40 条

[21]

Goubault E, 2006, LECT NOTES COMPUT SC, V4134, P18

[22]

Graf S, 1997, LECT NOTES COMPUT SC, V1254, P72

[23]

Holzmann G., 2002, P IDPT 2002 PAS CA U

[24]

Hymans C., 2007, TECHNICAL REPORT

[25]

Jung YB, 2005, LECT NOTES COMPUT SC, V3672, P203

[26] AFFINE RELATIONSHIPS AMONG VARIABLES OF A PROGRAM [J].

KARR, M .

ACTA INFORMATICA, 1976, 6 (02) :133-151

[27]

Logozzo F., 2004, LECT NOTES COMPUTER, V2937

[28] The octagon abstract domain [J].

Miné, A .

EIGHTH WORKING CONFERENCE ON REVERSE ENGINEERING, PROCEEDINGS, 2001, :310-319

[29]

Mine A, 2001, LECT NOTES COMPUT SC, V2053, P155

[30]

Mine A, 2006, ACM SIGPLAN NOTICES, V41, P54, DOI 10.1145/1134650.1134659

← 1 2 3 4 →