Related papers: Detecting lifetime errors of std::string_view obje…

200 papers

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu, Dorel Lucanu

We study 10 C/C++ projects that have been using a static analysis security testing tool. We analyze the historical scan reports generated by the tool and study how frequently memory-related alerts appeared. We also studied the subsequent…

Software Engineering · Computer Science 2021-04-12 Nasif Imtiaz, Laurie Williams

Static analysis is a method of analyzing source code without executing it. It is widely used to find bugs and code smells in industrial software. Besides other methods, the most important techniques are those based on the abstract syntax…

Software Engineering · Computer Science 2024-08-13 Gabor Horvath, Reka Kovacs, Richard Szalay, Zoltan Porkolab

Context: In C, low-level errors, such as buffer overflow and use-after-free, are a major problem, as they cause security vulnerabilities and hard-to-find bugs. C lacks automatic checks, and programmers cannot apply defensive programming…

Programming Languages · Computer Science 2017-12-05 Manuel Rigger, Rene Mayrhofer, Roland Schatz, Matthias Grimmer, Hanspeter Mössenböck

We present a static analysis by Abstract Interpretation to check for run-time errors in parallel and multi-threaded C programs. Following our work on Astrée, we focus on embedded critical programs without recursion nor dynamic memory…

Programming Languages · Computer Science 2019-03-14 Antoine Miné

It is quite common for security testing to be delayed until after the software has been developed, but vulnerabilities may get noticed throughout the implementation phase and the earlier they are discovered, the easier and cheaper it will…

Software Engineering · Computer Science 2018-05-25 Rahma Mahmood, Qusay H. Mahmoud

Rust is a programming language that uses a concept of ownership to guarantee memory safety without the use of a garbage collector. However, some error messages related to ownership can be difficult to understand and fix, particularly those…

Software Engineering · Computer Science 2023-09-14 Ruochen Wang, Molly Maclaren, Michael Coblenz

Early identification of security issues in software development is vital to minimize their unanticipated impacts. Code review is a widely used manual analysis method that aims to uncover security issues along with other coding issues in…

Software Engineering · Computer Science 2024-07-18 Wachiraphan Charoenwet, Patanamon Thongtanunam, Van-Thuan Pham, Christoph Treude

Programmers often add meaningful information about program semantics when naming program entities such as variables, functions, and macros. However, static analysis tools typically discount this information when they look for bugs in a…

Programming Languages · Computer Science 2020-09-22 Roger Scott, Joseph Ranieri, Lucja Kot, Vineeth Kashyap

The C++ Standard Template Library is the flagship example for libraries based on the generic programming paradigm. The usage of this library is intended to minimize the number of classical C/C++ errors, but does not warrant bug-free…

Programming Languages · Computer Science 2011-11-17 N. Pataki

Error handling is the process of responding to and recovering from error conditions in the program. In Swift, errors are represented by values of types that conform to the Error protocol. Throwing an error lets you indicate that something…

Programming Languages · Computer Science 2023-01-26 Roberto Rosmaninho

STANSE is a free (available under the GPLv2 license) modular framework for finding bugs in C programs using static analysis. Its two main design goals are 1) ability to process large software projects like the Linux kernel and 2)…

Software Engineering · Computer Science 2012-02-06 Jan Obdržálek, Jiří Slabý, Marek Trtík

Rust relies on its unique ownership mechanism to ensure thread and memory safety. However, numerous potential security vulnerabilities persist in practical applications. New language features in Rust pose new challenges for vulnerability…

Programming Languages · Computer Science 2026-01-08 Yu Zhang, Kaiwen Zhang, Guanjun Liu

Testing is one of the most indispensable tasks in software engineering. The role of testing in software development has grown significantly because testing is able to reveal defects in the code in an early stage of development. Many unit…

Software Engineering · Computer Science 2010-12-07 Norbert Pataki

Eliminating vulnerabilities from low-level code is vital for securing software. Static analysis is a promising approach for discovering vulnerabilities since it can provide developers early feedback on the code they write. But, it presents…

Cryptography and Security · Computer Science 2016-04-07 Bhargava Shastry, Fabian Yamaguchi, Konrad Rieck, Jean-Pierre Seifert

Since the advent of parallel algorithms in the C++17 Standard Template Library (STL), the STL has become a viable framework for creating performance-portable applications. Given multiple existing implementations of the parallel algorithms,…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-02-12 Ruben Laso, Diego Krupitza, Sascha Hunold

Static analysis is the analysis of a program without executing it, usually carried out by an automated tool. Symbolic execution is a popular static analysis technique used both in program verification and in bug detection software. It works…

Software Engineering · Computer Science 2024-08-06 Gabor Horvath, Reka Kovacs, Zoltan Porkolab

Existing approaches for detecting anomalies in spreadsheets can help to discover faults, but they are often applied too late in the spreadsheet lifecycle. By contrast, our approach detects anomalies immediately whenever users change their…

Software Engineering · Computer Science 2015-05-12 Daniel Kulesz, Fabian Toth, Fabian Beck

String data is common in real-world datasets: 67.6% of values in a sample of 1.8 million real Excel spreadsheets from the web were represented as text. Systems that successfully clean such string data can have a significant impact on real…

Databases · Computer Science 2023-08-23 Mukul Singh, José Cambronero, Sumit Gulwani, Vu Le, Carina Negreanu, Gust Verbruggen

Well-designed diagnostic tasks have played a key role in studying the failure of neural nets (NNs) to generalize systematically. Famous examples include SCAN and Compositional Table Lookup (CTL). Here we introduce CTL++, a new diagnostic…

Machine Learning · Computer Science 2022-10-13 Róbert Csordás, Kazuki Irie, Jürgen Schmidhuber