An extended form of must alias analysis for dynamic allocation
POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Alias analysis of executable code
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Symbolic bounds analysis of pointers, array indices, and accessed memory regions
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
CSSV: towards a realistic tool for statically detecting all buffer overflows in C
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Assembly to High-Level Language Translation
ICSM '98 Proceedings of the International Conference on Software Maintenance
ARCHER: using symbolic, path-sensitive analysis to detect memory access errors
Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
Extending Java for high-level Web service construction
ACM Transactions on Programming Languages and Systems (TOPLAS)
Buffer overrun detection using linear programming and static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Static Analysis of XML Transformations in Java
IEEE Transactions on Software Engineering
Static Checking of Dynamically Generated Queries in Database Applications
Proceedings of the 26th International Conference on Software Engineering
JDBC Checker: A Static Analysis Tool for SQL/JDBC Applications
Proceedings of the 26th International Conference on Software Engineering
Abstracting Stack to Detect Obfuscated Calls in Binaries
SCAM '04 Proceedings of the Source Code Analysis and Manipulation, Fourth IEEE International Workshop
Weighted pushdown systems and their application to interprocedural dataflow analysis
Science of Computer Programming - Special issue: Static analysis symposium (SAS 2003)
Statically detecting likely buffer overflow vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Precise analysis of string expressions
SAS'03 Proceedings of the 10th international conference on Static analysis
Symbolic String Verification: An Automata-Based Approach
SPIN '08 Proceedings of the 15th international workshop on Model Checking Software
Tupni: automatic reverse engineering of input formats
Proceedings of the 15th ACM conference on Computer and communications security
Automated Software Engineering
Abstract parsing for two-staged languages with concatenation
GPCE '09 Proceedings of the eighth international conference on Generative programming and component engineering
WYSINWYX: What you see is not what you eXecute
ACM Transactions on Programming Languages and Systems (TOPLAS)
Improved memory-access analysis for x86 executables
CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
A system for generating static analyzers for machine instructions
CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
Automata-based symbolic string analysis for vulnerability detection
Formal Methods in System Design
| Hi-index | 0.00 |
Information about string values at key points in a program can help program understanding, reverse engineering, and forensics. We present a static-analysis technique for recovering possible string values in an executable program, when no debug information or source code is available. The result of our analysis is a regular language that describes a superset of the string values possible at a given program point. We also impart some of the lessons learned in the process of implementing our analysis as a tool for recovering C-style strings in x86 executables.