Re: Compiler detection of buffer overflows

Ben Elliston wrote:
>I am seeking references to work in the area of static and/or dynamic
>detection and prevention of buffer overflows.


There's been a bit of work in this area lately, so I'll just list
some of the recent references; you can trace citations backwards
in those papers to find other potentially relevant work.


David Larochelle and David Evans.
``Statically Detecting Likely Buffer Overflow Vulnerabilities.''
2001 USENIX Security Symp.,
http://www.cs.virginia.edu/~evans/usenix01-abstract.html


Dor Nurit, Rodeh Michael, and Sagiv Mooly.
``Cleanness Checking of String Manipulations in C Programs via Integer
Analysis.'' SAS'01, http://www.math.tau.ac.il/~nurr/SAS01.ps


John Viega, J.T. Bloch, Tadayoshi Kohno, Gary McGraw.
``ITS4: A Static Vulnerability Scanner for C and C++ Code.''
ACSAC'00, http://www.cigital.com/its4/


Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, Jonathan Walpole.
``Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade.''
http://community.core-sdi.com/~juliano/discex00.pdf


``A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities.''
NDSS 2000, http://www.cs.berkeley.edu/~daw/papers/overruns-ndss00.ps


There are other lexical code scanning tools, such as RATS
(http://www.securesw.com/rats/) and flawfinder
(http://www.dwheeler.com/flawfinder/).


Some more references may be found in my PhD thesis:
http://www.cs.berkeley.edu/~daw/papers/phd-dis.ps

Return to the comp.compilers page.
Search the comp.compilers archives again.