English
Related papers

Related papers: EffectiveSan: Type and Memory Error Detection usin…

200 papers

In recent projects on operating-system verification, C and C++ data types are often formalized using a semantics that does not fully specify the precise byte encoding of objects. It is well-known that such an underspecified data-type…

Logic in Computer Science · Computer Science 2012-11-28 Hendrik Tews , Marcus Völp , Tjark Weber

While memory corruption bugs stemming from the use of unsafe programming languages are an old and well-researched problem, the resulting vulnerabilities still dominate real-world exploitation today. Various mitigations have been proposed to…

Cryptography and Security · Computer Science 2021-08-20 Emanuel Q. Vintila , Philipp Zieris , Julian Horsch

Context: In C, low-level errors, such as buffer overflow and use-after-free, are a major problem, as they cause security vulnerabilities and hard-to-find bugs. C lacks automatic checks, and programmers cannot apply defensive programming…

Programming Languages · Computer Science 2017-12-05 Manuel Rigger , Rene Mayrhofer , Roland Schatz , Matthias Grimmer , Hanspeter Mössenböck

The C and C++ programming languages are notoriously insecure yet remain indispensable. Developers therefore resort to a multi-pronged approach to find security issues before adversaries. These include manual, static, and dynamic program…

Cryptography and Security · Computer Science 2018-06-13 Dokyung Song , Julian Lettner , Prabhu Rajasekaran , Yeoul Na , Stijn Volckaert , Per Larsen , Michael Franz

Despite the recent advances in pre-production bug detection, heap-use-after-free and heap-buffer-overflow bugs remain the primary problem for security, reliability, and developer productivity for applications written in C or C++, across all…

Unsafe memory accesses in programs written using popular programming languages like C/C++ have been among the leading causes for software vulnerability. Prior memory safety checkers such as SoftBound enforce memory spatial safety by…

Programming Languages · Computer Science 2019-07-10 Yurong Chen , Hongfa Xue , Tian Lan , Guru Venkataramani

Spatial memory safety violation is still a major issue for C programs. Checked-C is a safe dialect of C and extends it with Checked pointer types and annotations that guarantee spatial memory safety in a backward-compatible manner, allowing…

Cryptography and Security · Computer Science 2023-02-06 Liyi Li , Arunkumar Bhattar , Le Chang , Mingwei Zhu , Aravind Machiry

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu , Dorel Lucanu

Memory corruption is a serious class of software vulnerabilities, which requires careful attention to be detected and removed from applications before getting exploited and harming the system users. Symbolic execution is a well-known method…

Cryptography and Security · Computer Science 2025-09-16 Sara Baradaran , Mahdi Heidari , Ali Kamali , Maryam Mouzarani

Dynamically typed languages, like Erlang, allow developers to quickly write programs without explicitly providing any type information on expressions or function definitions. However, this feature makes those languages less reliable than…

Programming Languages · Computer Science 2018-09-14 Emanuele De Angelis , Fabio Fioravanti , Adrián Palacios , Alberto Pettorossi , Maurizio Proietti

Dynamically typed programming languages are popular in education and the software industry. While presenting a low barrier to entry, they suffer from run-time type errors and longer-term problems in code quality and maintainability.…

Human-Computer Interaction · Computer Science 2023-03-20 Shuai Fu , Tim Dwyer , Peter J. Stuckey , Jackson Wain , Jesse Linossier

The C++ Standard Template Library is the flagship example for libraries based on the generic programming paradigm. The usage of this library is intended to minimize the number of classical C/C++ errors, but does not warrant bug-free…

Programming Languages · Computer Science 2011-11-17 N. Pataki

The increasing complexity of modern software systems exacerbates the prevalence of security vulnerabilities, posing risks of severe breaches and substantial economic loss. Consequently, robust code vulnerability detection is essential for…

Cryptography and Security · Computer Science 2025-10-09 Zhiyuan Wei , Xiaoxuan Yang , Jing Sun , Zijian Zhang

Detecting software vulnerabilities is critical to ensuring the security and reliability of modern computer systems. Deep neural networks have shown promising results on vulnerability detection, but they lack the capability to capture global…

Cryptography and Security · Computer Science 2026-04-02 Sameer Shaik , Zhen Huang , Daniela Stan Raicu , Jacob Furst

This paper presents Warrior1, a tool that detects performance anti-patterns in C++ libraries. Many programs are slowed down by many small inefficiencies. Large-scale C++ applications are large, complex, and developed by large groups of…

Software Engineering · Computer Science 2020-10-20 Nadav Rotem , Lee Howes , David Goldblatt

Flow-sensitive type systems offer an elegant way to ensure memory-safety in programming languages. Unfortunately, their adoption in new or existing languages is often hindered by a painful effort to implement or integrate them into…

Programming Languages · Computer Science 2021-06-24 Dimitri Racordon , Aurélien Coet , Didier Buchs

Dataflow languages provide natural support for specifying constraints between objects in dynamic applications, where programs need to react efficiently to changes of their environment. Researchers have long investigated how to take…

Programming Languages · Computer Science 2011-04-13 Camil Demetrescu , Irene Finocchi , Andrea Ribichini

Dynamic symbolic execution (DSE) is a powerful method for path exploration during hybrid fuzzing and automatic bug detection. We propose security predicates to effectively detect undefined behavior and memory access violation errors.…

Cryptography and Security · Computer Science 2022-03-23 Alexey Vishnyakov , Vlada Logunova , Eli Kobrin , Daniil Kuts , Darya Parygina , Andrey Fedotov

Over 70% of security vulnerabilities in critical software systems today result from memory safety violations. To address this challenge, fuzzing and static analysis are widely used automated methods to discover such vulnerabilities. Fuzzing…

Cryptography and Security · Computer Science 2026-03-31 Keno Hassler , Philipp Görz , Stephan Lipp

Motivation: Automated bug detection in dynamically typed languages such as Python is essential for maintaining code quality. The lack of mandatory type annotations in such languages can lead to errors that are challenging to identify early…

Software Engineering · Computer Science 2025-01-17 Boqi Chen , José Antonio Hernández López , Gunter Mussbacher , Dániel Varró
‹ Prev 1 2 3 10 Next ›