George C. Necula, Scott McPeak, and Westley Weimer. CCured: Type-safe retro tting of legacy code. In Proceedings of the 29th Annual ACM Symposium on Principles of Programming Languages, January 2002.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....extremely active. Some of the more well known tools include include PRE x (mentioned above) ESP [11] ESC [17, 25] the Warlock race detector [35] and Wagner s security work [39, 38] Others have gone towards more language based approach, such as Vault [12] and Foster et al. [18] Or CCured [30], a hybrid static dynamic tool for detecting memory errors that uses a type inference algorithm to eliminate the need for many dynamic checks. Finally, the SLAM project combines aspects of both static analysis and model checking [1, 2] Many veri cation tools statically extract an abstract model ....

G.C. Necula, S. McPeak, and W. Weimer. CCured: type-safe retro tting of legacy code. In Symposium on Principles of Programming Languages, pages 128-139, 2002.

....Protection against attacks using existing code was also proposed in PaX by randomizing placement of position independent code; however, it is open to attacks that are able to read process addresses and thus determine the program layout. Type safety of C code has been proposed by the CCured system [43] which extends the C type system, infers statically veri able type safe pointers, and adds run time checks only for unsafe pointers. Cyclone [35] provides a safe dialect of C in a similar fashion, but requires annotations in conversion of legacy code. The reported overhead of these systems is in ....

George C. Necula, Scott McPeak, and Westley Weimer. CCured: type-safe retro tting of legacy code. In Symposium on Principles of Programming Languages POPL, pages 128-139, 2002.

....suggests, C itself should be considered as a commonly used assembly language. In each of these cases, the code generator is attacking the problem of portability and machine code generation, but not the problem of safety. In the area of C program safety, the Necula et.al. CCured compiler [19] and the Morrisett et.al. Cyclone Safe C [13] compiler both extend the C language to include extra information needed to infer safety. The systems distinguish between safe and unsafe pointers, where a safe pointer is always used in ways that can be shown to be safe, and unsafe pointers include ....

George C. Necula, Scott McPeak, and Westley Weimer. CCured: Type-safe retro tting of legacy code. In Proceedings of the 29th ACM Symposium on Principles of Programming Languages (POPL02), 2002.

....system [1] and debugging versions of libraries, like Electric Fence, cause programs to perform sanity checks as they run. This technique has been used to combat bu er over ows [9, 4, 19] and printf format string attacks [8] 3. Combining static analysis and run time checks. Systems like CCured [31] perform static analyses to check source code for safety, and automatically insert run time checks where safety cannot be guaranteed statically. These are good techniques Cyclone itself uses the third strategy. However, except for CCured, none of the above projects applies them in a way that ....

George C. Necula, Scott McPeak, and Westley Weimer. CCured: Type-safe retro tting of legacy code. In Twenty-Ninth ACM Symposium on Principles of Programming Languages, Portland, OR, January 2002. To appear.

....and conversions from arbitrary integers to pointers. We currently make no attempt to track the e ect of any of these features on aliasing, except for the special case of type casting of the result of malloc like functions. In combination with a system for enforcing memory safety, such as CCured [NMW02] our implementation would be sound. In our implementation, we do not allow strong updates on locations containing functions. This improves eciency because we never need to recompute S(C) lin ( weak updates will not add constraints between stores. Additionally, observe that allocations a ect ....

George Necula, Scott McPeak, and Westley Weimer. CCured: Type-Safe Retrotting of Legacy Code. To appear in Proceedings of the 29th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Portland, Oregon, January 2002.

....system [2] and debugging versions of libraries, like Electric Fence, cause programs to perform sanity checks as they run. This technique has been used to combat bu er over ows [8, 5, 17] and printf format string attacks [7] 3. Combining static analysis and runtime checks. Systems like CCured [25] perform static analyses to check source code for safety, and automatically insert runtime checks where safety cannot be guaranteed statically. These are good techniques Cyclone itself uses the third strategy. However, except for CCured, none of the above projects applies them in a way that ....

George C. Necula, Scott McPeak, and Westley Weimer. CCured: Type-safe retrotting of legacy code. In Twenty-Ninth ACM Symposium on Principles of Programming Languages, Portland, OR, January 2002. To appear.

No context found.

George C. Necula, Scott McPeak, and Westley Weimer. CCured: Type-safe retro tting of legacy code. In Proceedings of the 29th Annual ACM Symposium on Principles of Programming Languages, January 2002.

No context found.

G. C. Necula, S. McPeak, and W. Weimer. CCured: typesafe retro tting of legacy code. In Symposium on Principles of Programming Languages, pages 128-139, 2002.

No context found.

G. C. Necula, S. McPeak, and W. Weimer. Ccured: Type-safe retro tting of legacy code. In Proc. 29th ACM Symp. Principles of Programming Languages (POPL02), London, Jan. 2002.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC