Static analysis of string manipulations in critical embedded C programs

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4134 LNCS, Issue , 2006, Pages 35-51

  Allamigeon, Xavier ^a   Godard, Wenceslas ^a   Hymans, Charles ^a  

^a AIRBUS GROUP INNOVATIONS   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

C (PROGRAMMING LANGUAGE); CACHE MEMORY; COMPUTER SOFTWARE; EMBEDDED SYSTEMS; ERROR ANALYSIS;

ABSTRACT PRIMITIVES; MULTI-DIMENSIONAL ARRAYS; STATIC ANALYSIS; STRING MANIPULATIONS;

COMPUTER PROGRAM LISTINGS;

EID: 33749831548     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11823230_4     Document Type: Conference Paper

References (31)

1. Dave Aitel. The advantage of block-based protocol analysis for security testing. Technical report, Immunity,Inc., 2002.
2. A. Baratloo, N. Singh, and T. Tsai. Transparent run-time defense against stack smashing attacks. In Proceedings of the USENIX Annual Technical Conference, 2000.
3. Philippe Biondi. Scapy. http://www.secdev.org/projects/scapy/.
4. B. Chess. Improving computer security using extended static checking. In IEEE Symposium on Security and Privacy, 2002.
5. P. Cousot and R. Cousot. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Conference Record of the 4th ACM Symposium on Principles of Programming Languages. ACM Press, 1977
6. P. Cousot and R. Cousot. Constructive versions of Tarski's fixed point theorems. Pacific Journal of Mathematics, 81(1), 1979
7. P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A, Miné, D. Monniaux, and X. Rival. The ASTRÉE Analyser. In Proceedings of the European Symposium on Programming, volume 3444 of Lecture Notes in Computer Science. Springer, 2005.
8. C. Cowan and al. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proceedings of the 7th USENIX Security Symposium. USENIX Association, 1998.
9. Nurit Dor, Michael Rodeh, and Mooly Sagiv. CSSV: towards a realistic tool for statically detecting all buffer overflows in C. In Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation. ACM Press, 2003.
10. Mark W. Eichin and Jon A. Rochlis. With microscope and tweezers: An analysis of the internet virus of november 1988. In Proceedings of the 1989 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 1989.
11. David Evans and David Larochelle. Improving security using extensible lightweight static analysis. IEEE Software, 19(1), 2002.
12. Vinod Ganapathy, Somesh Jha, David Chandler, David Melski, and David Vitek. Buffer overrun detection using linear programming and static analysis. In Proceedings of the 10th ACM conference on Computer and communications security. ACM Press, 2003.
13. Erich Haugh and Matthew Bishop. Testing C programs for buffer overflow vulnerabilities. In Proceedings of the Network and Distributed System Security Symposium, The Internet Society, 2003.
14. Yungbum Jung, Jaehwang Kim, Jaeho Shin, and Kwangkeun Yi. Taming false alarms from a domain-unaware C analyzer by a bayesian statistical post analysis. In Static Analysis, 12th International Symposium, volume 3672 of Lecture Notes in Computer Science. Springer, 2005.
15. D. Larochelle and D. Evans. Statically detecting likely buffer overflow vulnerabilities. In Proceedings of the 10th USENIX Security Symposium, 2001.
16. X. Leroy, D. Doliguez, J. Garrigue, D. Rémy, and J. Vouillon. The Objective Caml system release 3.06, documentation and user's manual. Institut National de Recherche en Informatique et en Automatique (INRIA), 2002.
17. George C. Necula, Jeremy Condit, Matthew Harren, Scott McPeak, and Westley Weimer. CCured: type-safe retrofitting of legacy software. ACM Transactions Programming Languages and Systems, 27(3), 2005.
18. George C. Necula, Scott McPeak, S.P. Rahul, and Westley Weimer. CIL: Intermediate language and tools for analysis and transformation of C programs. In Proceedings of Conference on Compiler Construction, 2002.
19. Aleph One. Smashing the stack for fun and profit. Phrack, 7(49), 1996.
20. Olatunji Ruwase and Monica S. Lam. A practical dynamic buffer overflow detector. In Network and Distributed System Security Symposium. The Internet Society, 2004.
21. Michael Siff, Satish Chandra, Thomas Ball, Krishna Kunchithapadam, and Thomas W. Reps. Coping with type casts in C. In 7th European Software Engineering Conference, volume 1687 of Lecture Notes in Computer Science. Springer, 1999.
22. Axel Simon and Andy King. Analyzing string buffers in C. In Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology. Springer-Verlag, 2002.
23. Michael Sutton and Adam Greene. The art of file format fuzzing. In Black Hat USA 2005, 2005.
24. Arnaud Venet and Guillaume Brat. Precise and efficient static array bound checking for large embedded C programs. In Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation. ACM Press, 2004.
25. John Viega, J. T. Bloch, Y. Kohno, and Gary McGraw. ITS4: A static vulnerability scanner for C and C++ code. In 16th Annual Computer Security Applications Conference. IEEE Computer Society, 2000.
26. David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Proceedings of the Network and Distributed System Security Symposium. The Internet Society, 2000.
27. John Wilancier and Mariam Kamkar. A comparison of publicly available tools for static intrusion prevention. In 7th Nordic Workshop on Secure. IT Systems, 2002.
28. John Wilander and Mariam Kamkar. A comparison of publicly available tools for dynamic buffer overflow prevention. In Network and Distributed System Security Symposium. The Internet Society, 2003.
29. Glynn Winskel. The Formal Semantics of Programming Languages: An Introduction. The MIT Press, 1993.
30. Yichen Xie, Andy Chou, and Dawson R. Engler. ARCHER: using symbolic, pathsensitive analysis to detect memory access errors. In Proceedings of the 11th ACM SIGSOFT Symposium on Foundations of Software Engineering. ACM, 2003.
31. K. Yi. Yet another ensemble of abstract interpreter, higher-order data-flow equations, and model checking. Technical Memorandum 2001-10, Research on Program Analysis System, National Creative Research Center, Korea Advanced Institute of Science and Technology, 2001.