Static Analysis Method for Detecting Buffer Overflow Vulnerabilities

  • Authors: F. M. Puchkov; K. A. Shapchenko

  • Affiliations: Department of Mechanics and Mathematics, Moscow State University, Moscow, Russia 119992 (both authors)

  • Venue: Programming and Computing Software
  • Year: 2005

Abstract

In this paper, a new static method for automated detection of vulnerabilities that could result in buffer overflows in programs is suggested. The problem of defending software against threats related to buffer overflows is a very important one. Currently, no satisfactory approaches to its solution exist. The existing dynamic methods make it possible to avoid incorrect execution for certain classes of programs. The basic disadvantage of these methods is that the procedure of error detection after a session of tests is very involved. Moreover, they do not guarantee that the results obtained are correct. Static analysis methods are, as a rule, lexical scanners and do not thoroughly analyze the execution of the program or its memory content (e.g., arrays, variables, and the like). The objective of the suggested method is to improve the situation in this field and facilitate the audit of program code by the programmer.