Rob Johnson David Wagner University of California at Berkeley  Home/Search
Context Related
| berkeley.edu/~daw/pa...cqukusenix04.ps Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: berkeley.edu/~daw/papers/index (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Today's operating systems struggle with vulnerabilities from careless handling of user space pointers. User/kernel pointer bugs have serious consequences for security: a malicious user could exploit a user/kernel pointer bug to gain elevated privileges, read sensitive data, or crash the system. We show how to detect user/kernel pointer bugs using type-qualifier inference, and we apply this method to the Linux kernel using CQUAL, a type-qualifier inference tool. We extend the basic... (Update)
Cited by: More
Finding Security Vulnerabilities in Java Applications - With Static Analysis (Correct)
Checkbochs: Use Hardware to Check Software - Bansal (2006) (Correct)
Finding Security Vulnerabilities in Java Applications with.. - Livshits, Lam (2005) (Correct)
Active bibliography (related documents): More All
1.2: Finding User/Kernel Pointer Bugs With Type Inference - Rob Johnson David (2004) (Correct)
1.2: Rob Johnson David Wagner - Report No Ucb (Correct)
0.2: Using Execution Transactions To Recover From Buffer.. - Stelios Sidiroglou.. (2004) (Correct)
Similar documents based on text:
4.0: Unknown - (Correct)
Related documents from co-citation: More All
3: JFlow: Practical mostly-static information flow control - Myers - 1999
3: A static analyzer for finding dynamic programming errors - Bush, Pincus et al. - 2000
3: Detecting format string vulnerabilities with type qualifiers - Shankar, Talwar et al. - 2001
BibTeX entry: (Update)
Rob Johnson and David Wagner. Finding user/kernel pointer bugs with type inference. In USENIX Security Symposium, 2004. http://citeseer.ist.psu.edu/johnson04finding.html More
@misc{ david04finding,
author = "Rob Johnson David",
title = "Finding User/Kernel Pointer Bugs With Type Inference",
text = "Rob Johnson and David Wagner. Finding user/kernel pointer bugs with type
inference. In USENIX Security Symposium, 2004.",
year = "2004",
url = "citeseer.ist.psu.edu/johnson04finding.html" }
Citations (may not include all citations):72 A First Step Towards Automated Detection of Buffer Overrun V.. - Wagner, Foster et al. - 2000
67 CCured: Type-Safe Retrofitting of Legacy Code - Necula, McPeak et al. - 2002 DBLP
64 Detecting Format String Vulnerabilities with Type Qualifiers - Shankar, Talwar et al. - 2001
62 The SLAM Project: Debugging System Software via Static Analy.. (context) - Ball, Rajamani - 2002 DBLP
58 MOPS: an infrastructure for examining security properties of.. - Chen, Wagner - 2002 ACM DBLP
20 ITS4: A Static Vulnerability Scanner for C and C++ Code (context) - Viega, Bloch et al. - 2000 DBLP
17 and Gregoire Sutre (context) - Henzinger, Jhala et al. - 2002
15 LCLint User's Guide (context) - Evans - 1996
11 ACM Transactions on Programming Languages and Systems (context) - Foster, Johnson et al.
9 Scrash: A System for Generating Secure Crash Information - Broadwell, Harren et al. - 2003
8 Type Qualifiers: Lightweight Specifications to Improve Softw.. - Foster - 2002
5 expressive system and language for statically checking secur.. (context) - Yang, Kremenek et al. - 2003
4 Carillon System to Find YK Problem C Program - Jeffrey, Alexander et al. - 1999
4 Managing kernel development (context) - Torvalds - 2003
http://www.securesw.com/auditing_
Documents on the same site (http://www.cs.berkeley.edu/~daw/papers/index.html): More
Building PRFs from PRPs - Hall, Wagner, Kelsey, Schneier (1998) (Correct)
Cryptanalysis of TWOPRIME - Coppersmith, Wagner, Schneier, Kelsey (1998) (Correct)
Cryptanalysis of Some Recently-Proposed Multiple Modes of Operation - Wagner (1998) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC