Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
POPL '88 Proceedings of the 15th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Introduction to algorithms
The C programming language
Efficient type inference for higher-order binding-time analysis
Proceedings of the 5th ACM conference on Functional programming languages and computer architecture
ESOP'92 Symposium proceedings on 4th European symposium on programming
POPL '93 Proceedings of the 20th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Implementation of the typed call-by-value λ-calculus using a stack of regions
POPL '94 Proceedings of the 21st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A syntactic approach to type soundness
Information and Computation
Simple imperative polymorphism
Lisp and Symbolic Computation - Special issue on state in programming languages (part I)
Static detection of dynamic memory errors
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
Taming effects with monadic typing
ICFP '98 Proceedings of the third ACM SIGPLAN international conference on Functional programming
The marriage of effects and monads
ICFP '98 Proceedings of the third ACM SIGPLAN international conference on Functional programming
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Theory of Objects
A Type-Based Approach to Program Security
TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
SAS '95 Proceedings of the Second International Symposium on Static Analysis
A Toolkit for Constructing Type- and Constraint-Based Program Analyses
TIC '98 Proceedings of the Second International Workshop on Types in Compilation
An Extended Static Checker for Modular-3
CC '98 Proceedings of the 7th International Conference on Compiler Construction
The complexity of subtype entailment for simple types
LICS '97 Proceedings of the 12th Annual IEEE Symposium on Logic in Computer Science
Journal of Functional Programming
Type systems for distributed data structures
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Enforcing high-level protocols in low-level software
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Flow-sensitive type qualifiers
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Exception analysis for non-strict languages
Proceedings of the seventh ACM SIGPLAN international conference on Functional programming
Runtime verification of authorization hook placement for the linux security modules framework
Proceedings of the 9th ACM conference on Computer and communications security
MOPS: an infrastructure for examining security properties of software
Proceedings of the 9th ACM conference on Computer and communications security
Type-safe multithreading in cyclone
Proceedings of the 2003 ACM SIGPLAN international workshop on Types in languages design and implementation
Boolean Constraints for Binding-Time Analysis
PADO '01 Proceedings of the Second Symposium on Programs as Data Objects
Using CQUAL for Static Analysis of Authorization Hook Placement
Proceedings of the 11th USENIX Security Symposium
Interface Compatibility Checking for Software Modules
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Inlining as staged computation
Journal of Functional Programming
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
The set constraint/CFL reachability connection in practice
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Consistency analysis of authorization hook placement in the Linux security modules framework
ACM Transactions on Information and System Security (TISSEC)
A practical type system and language for reference immutability
OOPSLA '04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Transparent proxies for java futures
OOPSLA '04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Pluggable verification modules: an extensible protection mechanism for the JVM
OOPSLA '04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
An efficient and backwards-compatible transformation to ensure memory safety of C programs
Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
Using build-integrated static checking to preserve correctness invariants
Proceedings of the 11th ACM conference on Computer and communications security
ACM SIGPLAN Notices
Automatic discovery of API-level exploits
Proceedings of the 27th international conference on Software engineering
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Visualizing type qualifier inference with Eclipse
eclipse '04 Proceedings of the 2004 OOPSLA workshop on eclipse technology eXchange
Javari: adding reference immutability to Java
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Automatic placement of authorization hooks in the linux security modules framework
Proceedings of the 12th ACM conference on Computer and communications security
Modular set-based analysis from contracts
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The essence of command injection attacks in web applications
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Journal of Functional Programming
Osprey: a practical type system for validating dimensional unit correctness of C programs
Proceedings of the 28th international conference on Software engineering
Applying flow-sensitive CQUAL to verify MINIX authorization check placement
Proceedings of the 2006 workshop on Programming languages and analysis for security
Precise alias analysis for static detection of web application vulnerabilities
Proceedings of the 2006 workshop on Programming languages and analysis for security
Condate: a proto-language at the confluence between checking and compiling
Proceedings of the 8th ACM SIGPLAN international conference on Principles and practice of declarative programming
SPEE: a secure program execution environment tool using code integrity checking
Journal of High Speed Networks - Special issue on trusted internet workshop (TIW) 2004
The case for analysis preserving language transformation
Proceedings of the 2006 international symposium on Software testing and analysis
A framework for implementing pluggable type systems
Proceedings of the 21st annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Flow-insensitive type qualifiers
ACM Transactions on Programming Languages and Systems (TOPLAS)
Type inference for unboxed types and first class mutability
Proceedings of the 3rd workshop on Programming languages and operating systems: linguistic support for modern operating systems
Static error detection using semantic inconsistency inference
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Thirty years is long enough: getting beyond C
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Efficient techniques for comprehensive protection from memory error exploits
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Enforcing and validating user-defined programming disciplines
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Large-scale analysis of format string vulnerabilities in Debian Linux
Proceedings of the 2007 workshop on Programming languages and analysis for security
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Efficient field-sensitive pointer analysis of C
ACM Transactions on Programming Languages and Systems (TOPLAS)
Type qualifier inference for java
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Status report on JSR-305: annotations for software defect detection
Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion
SafeDrive: safe and recoverable extensions using language-based techniques
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Combined static and dynamic mutability analysis
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Automatic inference of stationary fields: a generalization of java's final fields
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Static detection of cross-site scripting vulnerabilities
Proceedings of the 30th international conference on Software engineering
SharC: checking data sharing strategies for multithreaded c
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
A compiler-based infrastructure for software-protection
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Abstract Interpretation Plugins for Type Systems
AMAST 2008 Proceedings of the 12th international conference on Algebraic Methodology and Software Technology
Inference of Reference Immutability
ECOOP '08 Proceedings of the 22nd European conference on Object-Oriented Programming
Effective blame for information-flow violations
Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering
A generic type-and-effect system
Proceedings of the 4th international workshop on Types in language design and implementation
Implicit Flows: Can't Live with `Em, Can't Live without `Em
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
AutoISES: automatically inferring security specifications and detecting violations
SS'08 Proceedings of the 17th conference on Security symposium
Parameter reference immutability: formal definition, inference tool, and comparison
Automated Software Engineering
Static Analysis of a Class of Memory Leaks in TrustedBSD MAC Framework
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Staged information flow for javascript
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Automatic dimension inference and checking for object-oriented programs
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
JavaCOP: Declarative pluggable types for java
ACM Transactions on Programming Languages and Systems (TOPLAS)
User-input dependence analysis via graph reachability
User-input dependence analysis via graph reachability
Type systems for distributed data sharing
SAS'03 Proceedings of the 10th international conference on Static analysis
Java bytecode verification for @NonNull types
CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
Static analysis for detecting taint-style vulnerabilities in web applications
Journal of Computer Security
IntPatch: automatically fix integer-overflow-to-buffer-overflow vulnerability at compile-time
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Embedded firmware diversity for smart electric meters
HotSec'10 Proceedings of the 5th USENIX conference on Hot topics in security
Extending type systems in a library: Type-safe XML processing in C++
Science of Computer Programming
Formalisation and implementation of an algorithm for bytecode verification of @NonNull types
Science of Computer Programming
Building and using pluggable type-checkers
Proceedings of the 33rd International Conference on Software Engineering
EnerJ: approximate data types for safe and general low-power computation
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Static typing for a substructural lambda calculus
Frontiers of Computer Science in China
Implementing a Language with Flow-Sensitive and Structural Typing on the JVM
Electronic Notes in Theoretical Computer Science (ENTCS)
Transparent run-time prevention of format-string attacks via dynamic taint and flexible validation
ISC'06 Proceedings of the 9th international conference on Information Security
Ada-Europe'06 Proceedings of the 11th Ada-Europe international conference on Reliable Software Technologies
Using type qualifiers to analyze untrusted integers and detecting security flaws in c programs
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Checking for deadlock, double-free and other abuses in the linux kernel source code
ICCS'06 Proceedings of the 6th international conference on Computational Science - Volume Part IV
Inference of user-defined type qualifiers and qualifier rules
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
ARCS'12 Proceedings of the 25th international conference on Architecture of Computing Systems
A Rewriting Logic Approach to Static Checking of Units of Measurement in C
Electronic Notes in Theoretical Computer Science (ENTCS)
Formalizing address spaces with application to Cuda, OpenCL, and beyond
Proceedings of the 6th Workshop on General Purpose Processor Using Graphics Processing Units
Composing polymorphic information flow systems with reference immutability
Proceedings of the 15th Workshop on Formal Techniques for Java-like Programs
Development of automatically verifiable systems using data representation synthesis
Proceedings of the 2013 companion publication for conference on Systems, programming, & applications: software for humanity
JavaUI: effects for controlling UI object access
ECOOP'13 Proceedings of the 27th European conference on Object-Oriented Programming
Improving the fault resilience of an H.264 decoder using static analysis methods
ACM Transactions on Embedded Computing Systems (TECS) - Special Section on ESTIMedia'10
Aliasing in Object-Oriented Programming
A survey of support for structured communication in concurrency control models
Journal of Parallel and Distributed Computing
Using type analysis in compiler to mitigate integer-overflow-to-buffer-overflow threat
Journal of Computer Security - ESORICS 2010
| Hi-index | 0.00 |
We describe a framework for adding type qualifiers to a language. Type qualifiers encode a simple but highly useful form of subtyping. Our framework extends standard type rules to model the flow of qualifiers through a program, where each qualifier or set of qualifiers comes with additional rules that capture its semantics. Our framework allows types to be polymorphic in the type qualifiers. We present a const-inference system for C as an example application of the framework. We show that for a set of real C programs, many more consts can be used than are actually present in the original code.