English
Related papers

Related papers: Buffer Overflow Analysis for C

200 papers

In our times, when the world is increasingly becoming more dependent on software programs, writing bug-free, correct programs is crucial. Program verification based on formal methods can guarantee this by detecting run-time errors in…

Programming Languages · Computer Science 2024-03-21 Rajendra Kumar Solanki

In languages like C, buffer overflows are widespread. A common mitigation technique is to use tools that detect them during execution and abort the program to prevent the leakage of data or the diversion of control flow. However, for server…

Cryptography and Security · Computer Science 2018-11-26 Manuel Rigger , Daniel Pekarek , Hanspeter Mössenböck

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu , Dorel Lucanu

In this paper, we present a hybrid approach for buffer overflow detection in C code. The approach makes use of static and dynamic analysis of the application under investigation. The static part consists in calculating taint dependency…

Cryptography and Security · Computer Science 2013-05-17 Sanjay Rawat , Dumitru Ceara , Laurent Mounier , Marie-Laure Potet

Annex K of C11, bounds-checking interfaces, recently introduced a set of alternative functions to mitigate buffer overflows, primarily those caused by string/memory functions. However, poor compatibility limits their adoption. Failure…

Cryptography and Security · Computer Science 2020-04-21 Kang Sun , Daliang Xu , Dongwei Chen , Xu Cheng , Dong Tong

Cyber-Physical Systems have played an essential role in our daily lives, providing critical services such as power and water, whose operability, availability, and reliability must be ensured. The C programming language, prevalent in CPS…

Cryptography and Security · Computer Science 2025-11-26 Luis Ferreirinha , Iberia Medeiros

The main stretch in the paper is buffer overflow anomaly occurring in major source codes, designed in various programming language. It describes the various as to how to improve your code and increase its strength to withstand security…

Cryptography and Security · Computer Science 2012-08-17 Manas Gaur

Static analysis is a method of analyzing source code without executing it. It is widely used to find bugs and code smells in industrial software. Besides other methods, the most important techniques are those based on the abstract syntax…

Software Engineering · Computer Science 2024-08-13 Gabor Horvath , Reka Kovacs , Richard Szalay , Zoltan Porkolab

We consider the problem of synthesizing provably non-overflowing integer arithmetic expressions or Boolean relations among integer arithmetic expressions. First we use a numerical abstract domain to infer numerical properties among program…

Programming Languages · Computer Science 2013-09-23 Francesco Logozzo , Matthieu Martel

Many applications are being written in more than one language to take advantage of the features that different languages provide such as native code support, improved performance, and language-specific libraries. However, there are few…

Software Engineering · Computer Science 2023-05-19 Kishanthan Thangarajah , Noble Mathews , Michael Pu , Meiyappan Nagappan , Yousra Aafer , Sridhar Chimalakonda

We propose a memory abstraction able to lift existing numerical static analyses to C programs containing union types, pointer casts, and arbitrary pointer arithmetics. Our framework is that of a combined points-to and data-value analysis.…

Programming Languages · Computer Science 2016-08-14 Antoine Miné

Integer overflow accounts for one of the major source of bugs in software. Verification systems typically assume a well defined underlying semantics for various integer operations and do not explicitly check for integer overflow in…

Programming Languages · Computer Science 2019-09-23 Asankhaya Sharma

Detecting buffer overruns from a source code is one of the most common and yet challenging tasks in program analysis. Current approaches have mainly relied on rigid rules and handcrafted features devised by a few experts, limiting…

Software Engineering · Computer Science 2017-03-08 Min-je Choi , Sehun Jeong , Hakjoo Oh , Jaegul Choo

Static analysis is the analysis of a program without executing it, usually carried out by an automated tool. Symbolic execution is a popular static analysis technique used both in program verification and in bug detection software. It works…

Software Engineering · Computer Science 2024-08-06 Gabor Horvath , Reka Kovacs , Zoltan Porkolab

A long-standing practical challenge in the optimization of higher-order languages is inlining functions with free variables. Inlining code statically at a function call site is safe if the compiler can guarantee that the free variables have…

Programming Languages · Computer Science 2013-06-11 Lars Bergstrom , Matthew Fluet , John Reppy , Nora Sandler

Over 70% of security vulnerabilities in critical software systems today result from memory safety violations. To address this challenge, fuzzing and static analysis are widely used automated methods to discover such vulnerabilities. Fuzzing…

Cryptography and Security · Computer Science 2026-03-31 Keno Hassler , Philipp Görz , Stephan Lipp

Owing to the continued use of C (and C++), spatial safety violations (e.g., buffer overflows) still constitute one of today's most dangerous and prevalent security vulnerabilities. To combat these violations, Checked C extends C with…

Programming Languages · Computer Science 2022-03-28 Aravind Machiry , John Kastner , Matt McCutchen , Aaron Eline , Kyle Headley , Michael Hicks

The well-known problem of state space explosion in model checking is even more critical when applying this technique to programming languages, mainly due to the presence of complex data structures. One recent and promising approach to deal…

Software Engineering · Computer Science 2016-08-16 María Del Mar Gallardo , Christophe Joubert , Pedro Merino

Context: In C, low-level errors, such as buffer overflow and use-after-free, are a major problem, as they cause security vulnerabilities and hard-to-find bugs. C lacks automatic checks, and programmers cannot apply defensive programming…

Programming Languages · Computer Science 2017-12-05 Manuel Rigger , Rene Mayrhofer , Roland Schatz , Matthias Grimmer , Hanspeter Mössenböck

One of the most significant challenges in the field of software code auditing is the presence of vulnerabilities in software source code. Every year, more and more software flaws are discovered, either internally in proprietary code or…

Cryptography and Security · Computer Science 2023-06-16 Mst Shapna Akter , Hossain Shahriar , Juan Rodriguez Cardenas , Sheikh Iqbal Ahamed , Alfredo Cuzzocrea
‹ Prev 1 2 3 10 Next ›