Buffer Overrun Detection Using Linear Programming and Static Analysis
| dc.contributor.author | Ganapathy, Vinod | en_US |
| dc.contributor.author | Jha, Somesh | en_US |
| dc.contributor.author | Chandler, David | en_US |
| dc.contributor.author | Melski, David | en_US |
| dc.contributor.author | Vitek, David | en_US |
| dc.date.accessioned | 2012-03-15T17:17:34Z | |
| dc.date.available | 2012-03-15T17:17:34Z | |
| dc.date.created | 2003 | en_US |
| dc.date.issued | 2003 | |
| dc.description.abstract | This paper addresses the issue of identifiing buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a scalable analysis based on modeling C string manipulations as a linear program. We also present fast, scalable solvers based on linear programming, and demonstrate how to make the analysis context sensitive. Based on these techniques, we built a prototype and used it to identify several vulnerabilities in popular security critical applications. | en_US |
| dc.format.mimetype | application/pdf | en_US |
| dc.identifier.citation | TR1488 | en_US |
| dc.identifier.uri | http://digital.library.wisc.edu/1793/60368 | |
| dc.publisher | University of Wisconsin-Madison Department of Computer Sciences | en_US |
| dc.title | Buffer Overrun Detection Using Linear Programming and Static Analysis | en_US |
| dc.type | Technical Report | en_US |
Files
Original bundle
1 - 1 of 1