English
Related papers

Related papers: S3Library: Automatically Eliminating C/C++ Buffer …

200 papers

Memory spatial errors, i.e., buffer overflow vulnerabilities, have been a well-known issue in computer security for a long time and remain one of the root causes of exploitable vulnerabilities. Most of the existing mitigation tools adopt a…

Cryptography and Security · Computer Science 2020-04-07 Dongwei Chen , Daliang Xu , Dong Tong , Kang Sun , Xuetao Guan , Chun Yang , Xu Cheng

In languages like C, buffer overflows are widespread. A common mitigation technique is to use tools that detect them during execution and abort the program to prevent the leakage of data or the diversion of control flow. However, for server…

Cryptography and Security · Computer Science 2018-11-26 Manuel Rigger , Daniel Pekarek , Hanspeter Mössenböck

Buffer overflow detection and mitigation for C programs has been an important concern for a long time. This paper defines a string buffer overflow analysis for C programs. The key ideas of our formulation are (a) separating buffers from the…

Programming Languages · Computer Science 2014-12-30 Uday P. Khedker

Owing to the continued use of C (and C++), spatial safety violations (e.g., buffer overflows) still constitute one of today's most dangerous and prevalent security vulnerabilities. To combat these violations, Checked C extends C with…

Programming Languages · Computer Science 2022-03-28 Aravind Machiry , John Kastner , Matt McCutchen , Aaron Eline , Kyle Headley , Michael Hicks

Integer overflows in commodity software are a main source for software bugs, which can result in exploitable memory corruption vulnerabilities and may eventually contribute to powerful software based exploits, i.e., code reuse attacks…

Cryptography and Security · Computer Science 2017-11-06 Paul Muntean , Jens Grossklags , Claudia Eckert

Context: In C, low-level errors, such as buffer overflow and use-after-free, are a major problem, as they cause security vulnerabilities and hard-to-find bugs. C lacks automatic checks, and programmers cannot apply defensive programming…

Programming Languages · Computer Science 2017-12-05 Manuel Rigger , Rene Mayrhofer , Roland Schatz , Matthias Grimmer , Hanspeter Mössenböck

The functions standardized as part of ISO C 1999 and their addendums improved very little the security options from the previously available library. The largest flaw remained that no function asked for the buffer size of destination…

Software Engineering · Computer Science 2009-07-27 Marc-André Laverdière , Serguei A. Mokhov , Djamel Benredjem

Cyber-Physical Systems have played an essential role in our daily lives, providing critical services such as power and water, whose operability, availability, and reliability must be ensured. The C programming language, prevalent in CPS…

Cryptography and Security · Computer Science 2025-11-26 Luis Ferreirinha , Iberia Medeiros

In the last three decades, memory safety issues in system programming languages such as C or C++ have been one of the significant sources of security vulnerabilities. However, there exist only a few attempts with limited success to cope…

Software Engineering · Computer Science 2021-07-05 Felipe R. Monteiro , Mikhail R. Gadelha , Lucas C. Cordeiro

We present a novel approach to mitigate buffer overflow attack using Variable Record Table (VRT). Dedicated memory space is used to automatically record base and bound information of variables extracted during runtime. We instrument frame…

Cryptography and Security · Computer Science 2019-09-18 Love Kumar Sah , Sheikh Ariful Islam , Srinivas Katkoori

One of the most significant challenges in the field of software code auditing is the presence of vulnerabilities in software source code. Every year, more and more software flaws are discovered, either internally in proprietary code or…

Cryptography and Security · Computer Science 2023-06-16 Mst Shapna Akter , Hossain Shahriar , Juan Rodriguez Cardenas , Sheikh Iqbal Ahamed , Alfredo Cuzzocrea

We propose new methods to synthesize control barrier function (CBF)-based safe controllers that avoid input saturation, which can cause safety violations. In particular, our method is created for high-dimensional, general nonlinear systems,…

Robotics · Computer Science 2022-11-22 Simin Liu , Changliu Liu , John Dolan

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the…

Cryptography and Security · Computer Science 2019-11-26 Nathan Burow , Scott A. Carr , Joseph Nash , Per Larsen , Michael Franz , Stefan Brunthaler , Mathias Payer

The most important security benefit of software memory safety is easy to state: for C and C++ software, attackers can exploit most bugs and vulnerabilities to gain full, unfettered control of software behavior, whereas this is not true for…

Cryptography and Security · Computer Science 2025-03-28 Úlfar Erlingsson

Since buffer overflow has long been a frequently occurring, high-risk vulnerability, various methods have been developed to support spatial memory safety and prevent buffer overflow. However, every proposed method, although effective in…

Cryptography and Security · Computer Science 2023-02-15 Seong-Kyun Mok , Eun-Sun Cho

Integer overflows have threatened software applications for decades. Thus, in this paper, we propose a novel technique to provide automatic repairs of integer overflows in C source code. Our technique, based on static symbolic execution,…

Software Engineering · Computer Science 2019-10-15 Paul Muntean , Martin Monperrus , Hao Sun , Jens Grossklags , Claudia Eckert

Unsafe Rust code is necessary for interoperability with C/C++ libraries and implementing low-level data structures, but it can cause memory safety violations in otherwise memory-safe Rust programs. Sanitizers can catch such memory errors at…

Programming Languages · Computer Science 2025-10-24 Oliver Braunsdorf , Tim Lange , Konrad Hohentanner , Julian Horsch , Johannes Kinder

The C++ Standard Template Library is the flagship example for libraries based on the generic programming paradigm. The usage of this library is intended to minimize the number of classical C/C++ errors, but does not warrant bug-free…

Programming Languages · Computer Science 2011-11-17 N. Pataki

Protected user-level libraries have been proposed as a way to allow mutually distrusting applications to safely share kernel-bypass services. In this paper, we identify and solve several previously unaddressed obstacles to realizing this…

Operating Systems · Computer Science 2025-09-04 Alan Beadle , Michael L. Scott , John Criswell

Low-level programming languages with weak/static type systems, such as C and C++, are vulnerable to errors relating to the misuse of memory at runtime, such as (sub-)object bounds overflows, (re)use-after-free, and type confusion. Such…

Programming Languages · Computer Science 2018-04-20 Gregory J. Duck , Roland H. C. Yap
‹ Prev 1 2 3 10 Next ›