See this document in CiteSeerX!

An Efficient and Backwards-Compatible Transformation to Ensure Memory Safety of C Programs (2004)  (Make Corrections)  (1 citation)
Wei Xu, Daniel C. DuVarney, R. Sekar
SIGSOFT'04/FSE--12, 2004



  Home/Search   Context   Related

 
View or download:
sunysb.edu/seclab1/pubs/p...fse04.ps.gz
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  sunysb.edu/seclab1/pubs/papers (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: Memory-related errors, such as buffer overflows and dangling pointers, remain one of the principal reasons for failures of C programs. As a result, a number of recent research efforts have focused on the problem of dynamic detection of memory errors in C programs. However, existing approaches suffer from one or more of the following problems: inability to detect all memory errors (e.g., Purify), requiring non-trivial modifications to existing C programs (e.g., Cyclone), changing the memory... (Update)

Cited by:   More
Fast and Automated Generation of Attack Signatures: A Basis.. - Liang, Sekar (2005)   (Correct)

Active bibliography (related documents):   More   All
2.9:   An Efficient and Backwards-Compatible Transformation to.. - Xu, DuVarney, Sekar (2004)   (Correct)
1.1:   Code Inection in C and CPP: A Survey of Vulnerabilities.. - Younan, Joosen, Piessens (2004)   (Correct)
1.0:   Using Execution Transactions To Recover From Buffer.. - Stelios Sidiroglou.. (2004)   (Correct)

Similar documents based on text:
0.0:   Unknown -   (Correct)

BibTeX entry:   (Update)

W. Xu, D. DuVarney, and R. Sekar. An efficientand backwards-compatible transformation to ensure memory safety of C programs. In FSE, 2004. http://citeseer.ist.psu.edu/746391.html   More

@inproceedings{ xu04efficientand,
  author = "W. Xu and D. DuVarney and R. Sekar",
  title = "An efficientand backwards-compatible transformation to ensure memory safety
    of {C} programs",
  booktitle = "SIGSOFT'04/FSE--12, 2004",
  year = "2004",
  url = "citeseer.ist.psu.edu/746391.html" }
Citations (may not include all citations):
167   Garbage collection in an uncooperative environment (context) - Boehm, Weiser - 1988
98   Purify: Fast detection of memory leaks and access errors (context) - Hastings, Joyce - 1992
88   Cyclone: A safe dialect of C - Jim, Morrisett et al. - 2002
72   A first step towards automated detection of buffer overrun v.. - Wagner, Foster et al. - 2000
67   CCured: type-safe retrofitting of legacy code - Necula, McPeak et al. - 2002
55   Software caching and computation migration in Olden - Carlisle, Rogers - 1995
54   Transparent run-time defense against stack smashing attacks - Baratloo, Singh et al. - 2000
45   Efficient detection of all pointer and array access errors - Austin, Breach et al. - 1994
39   Formatguard: Automatic protection from printf format string .. - Cowan, Barringer et al. - 2001
35   Statically detecting likely buffer overflow vulnerabilities - Larochelle, Evans - 2001
34   Backwards-compatible bounds checking for arrays and pointers.. - Jones, Kelly - 1997
33   A theory of type qualifiers - Foster, Fahndrich et al. - 1999
33   Symbolic bounds analysis of pointers (context) - Rugina, Rinard - 2000
25   concurrent checking of pointer and array accesses in c progr.. (context) - Patil, Fischer - 1997
23   Debugging via run-time type checking - Loginov, Yong et al. - 2001
21   an interpreter-based programming environment for the C langu.. (context) - Kaufer, Lopez et al. - 1988
20   Address obfuscation: An efficient approach to combat a broad.. (context) - Bhatkar, DuVarney et al. - 2003
17   Coping with type casts in C - Siff, Chandra et al. - 1999
16   Pointguard: Protecting pointers from buffer overflow vulnera.. (context) - Cowan, Beattie et al. - 2003
15   CCured in the real world - Condit, Harren et al. - 2003
14   RAD: A compile-time solution to buffer overflow attacks - Chiueh, Hsu - 2001
14   Type-assisted dynamic buffer overflow detection - Lhee, Chapin - 2002
13   Cssv: Towards a realistic tool for statically detecting all .. - Dor, Rodeh et al. - 2003
13   Efficient run-time monitoring using shadow processing - Patil, Fischer - 1995
12   Adding run-time checking to the portable c compiler (context) - Steffen - 1992
12   Bcc: run--time checking for c programs (context) - Kendall - 1983
11   Protecting from stack-smashing attacks (context) - Etoh, Yoda - 2000
11   Automatic detection and prevention of buffer-overflow attack.. (context) - Cowan, Pu et al. - 1998
10   A practical dynamic buffer overflow detector - Ruwase, Lam - 2004
7   programs from attacks via invalid pointer dereferences (context) - Yong, Horwitz - 2003
6   CIL: Intermediate language and tools for C program analysis .. (context) - McPeak, Necula et al. - 2002
5   Fail-safe ansi-c compiler: An approach to making c programs .. - Oiwa, Sekiguchi et al. - 2002
4   path-sensitive analysis to detect memory access errors (context) - Xie, Chou et al. - 2003
4   Buffer overrun detection using linear programming and static.. - Ganapathy, Jha et al. - 2003
4   programs for buffer overflow vulnerabilities (context) - Haugh, Bishop - 2003
3   LibsafePlus: Tools for runtime buffer overflow protection (context) - Avijit, Gupta et al. - 2004
http://www.specbench.org/

Documents on the same site (http://www.seclab.cs.sunysb.edu/seclab1/pubs/papers.htm):   More
Empowering Mobile Code Using Expressive Security Policies - Venkatakrishnan, Peri, Sekar (2002)   (Correct)
Model-Carrying Code: A Practical Approach for Safe .. - Sekar.. (2003)   (Correct)
Specification-based Anomaly Detection: A New.. - Sekar, Gupta.. (2002)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC