
Detecting Format String Vulnerabilities with Type Qualifiers (2001)  (64 citations)
Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, David Wagner



View or download:
berkeley.edu/~daw/pap...fmtstruse01.ps
berkeley.edu/~ushankar/r...percents.pdf

From:  berkeley.edu/~daw/papers/ (more)
Homepages:  U.Shankar  J.Foster
  D.Wagner  


Abstract: We present a new system for automatically detecting format string security vulnerabilities in C programs using a constraint-based type-inference engine. We describe new techniques for presenting the results of such an analysis to the user in a form that makes bugs easier to find and to fix. The system has been implemented and tested on several real-world software packages. Our tests show that the system is very effective, detecting several bugs previously unknown to the authors and exhibiting a ...

Cited by:
Finding User/Kernel Pointer Bugs With Type Inference - Rob Johnson David (2004)
Model Checking An Entire Linux Distribution for Security.. - Benjamin Schwarz Hao
Understanding Data Lifetime via Whole System Simulation - Jim Chow Ben (2004)

Active bibliography (related documents):
1.7:   Type Qualifiers: Lightweight Specifications to Improve Software.. - Foster (2002)
0.5:   Constraint Abstractions - Gustavsson, Svenningsson (2000)
0.4:   Policy and Implementation Assurance for Software Security - Wilander (2005)

Similar documents based on text:
0.6:   Libsafe 2.0: Detection of Format String Vulnerability Exploits - Tsai, Singh (2001)
0.4:   Testing C Programs for Buffer Overflow Vulnerabilities - Haugh (2002)
0.4:   Secure Verification of Location Claims - Sastry, Shankar, Wagner (2003)

Related documents from co-citation:
22:   Checking system rules using system-specific - Engler, Chelf et al. - 2000
17:   MOPS: an infrastructure for examining security properties of software - Chen, Wagner - 2002
16:   Stackguard: Automatic adaptive detection and prevention of buffer-overflow attac.. - Cowan, Pu et al. - 1998

BibTeX entry:

U. Shankar, K. Talwar, J. S. Foster, and D. Wagner. Detecting format string vulnerabilities with type qualifiers. In Proceedings of the 10th USENIX Security Symposium, 2001. http://citeseer.ist.psu.edu/shankar01detecting.html

@inproceedings{ shankardetecting,
    author = "Umesh Shankar and Kunal Talwar and Jeffrey S. Foster and David Wagner",
    title = "Detecting Format String Vulnerabilities with Type Qualifiers",
    pages = "201--220",
    url = "citeseer.ist.psu.edu/shankar01detecting.html" }
Citations (may not include all citations):
509   Introduction to Lattices and Order - Davey, Priestley - 1990
152   A sound type system for secure flow analysis - Volpano, Smith et al. - 1996
134   A Theory of Objects - Abadi, Cardelli - 1996
120   Integrity considerations for secure computer systems - Biba - 1977
88   Static Detection of Dynamic Memory Errors - Evans - 1996
85   Type inference with simple subtypes - Mitchell - 1991
72   A type-based approach to program security - Volpano, Smith
72   A First Step Toward Automated Detection of Buffer Overrun Vu.. - Wagner, Foster et al. - 2000
70   Points-to Analysis in Almost Linear Time - Steensgaard - 1996
52   Checking for Race Conditions in File Accesses - Bishop, Dilger - 1996
45   Efficient Detection of All Pointer and Array Access Errors - Austin, Breach et al. - 1994
41   Protecting Privacy using the Decentralized Label Model - Myers, Liskov - 2001
39   FormatGuard: Automatic Protection From printf Format String .. - Cowan, Barringer et al.
33   A Theory of Type Qualifiers - Foster, Fahndrich et al. - 1999
29   The Complexity of Subtype Entailment for Simple Types - Henglein, Rehof - 1997
20   Physical Type Checking for C - Chandra, Reps - 1999
19   Format String Attacks - Newsham - 2000
17   Coping With Type Casts in C - Siff, Chandra et al. - 1999
5   Checking System Rules Using SystemSpecific, Programmer-Writt.. - Engler, Chelf et al. - 2000
4   Two Input Validation Problems in FTPD - CA-- - 2000
3   PScan: A limited problem scanner for C source files - DeKok
3   ITS4: A Static Vulnerability Scanner for C and C++ Code - Viega, Bloch et al. - 2000
2   Type-Based Flow Analysis: From Polymorphic Subtyping to CFLR.. - Rehof, Fahndrich - 2001
2   muh IRC bouncer remote vulnerability - Henrion
2   Very probable remote root vulnerability in cfengine - Savola - 2000
2   Some possible format string errors - Huuskonen - 2000
1   ftpd: the advisory version - Argamal - 2000
1   Input Validation Problem in rpc.statd - CA-- - 2000
1   Lackwit: Practical Program Understanding With Type Inference - O'Callahan, Jackson - 1997
1   Carillon---a System to Find Y2K Problems in C Programs - Elsman, Foster et al.
1   Widespread Exploitation of rpc.statd and wu-ftpd Vulnerabili.. - Note - 2000
1   compubdoc manualhtmlpodperlsec - http, com et al.
1   format string bug in muh - Henrion - 2000
1   Tom Christiansen and Jon Orwant - Wall - 2000
1   Re: Logging question - Bernstein - 1996
1   Available httpboxn - libformat, http et al.
1   Internet worm squirms into Linux servers - Lemos - 2001
1   Input Validation Problems in LPRng - CA-- - 2000
1   Program Analysis Mode - Harrelson
1   bugtraq mailing list - Bailleux - 2000
1   An Extended Static Checker for Modula-3 - Rustan, Leino et al. - 1998





Documents on the same site (http://www.cs.berkeley.edu/~daw/papers/):
Building PRFs from PRPs - Hall, Wagner, Kelsey, Schneier (1998)
Cryptanalysis of TWOPRIME - Coppersmith, Wagner, Schneier, Kelsey (1998)
Cryptanalysis of Some Recently-Proposed Multiple Modes of Operation - Wagner (1998)
