Proceedings of the 27th International Conference on Software Engineering (ICSE) Year 2005 Peer-reviewed

Improving Software Security with a C Pointer Analysis

Dzintars Avots, Michael Dalton, V. Benjamin Livshits, Monica S. Lam

Publication year: 2005
Venue: ICSE
Type: Peer-reviewed

Summary

This paper presents a context-sensitive, inclusion-based, field-sensitive points-to analysis for C and uses the analysis to detect and prevent security vulnerabilities in programs. In addition to a conservative analysis, we propose an optimistic analysis that assumes a more restricted C semantics that reflects common C usage to increase the precision of the analysis. This paper uses the proposed pointer alias analyses to infer the types of variables in C programs and shows that most C variables are used in a manner consistent with their declared types. We show that pointer analysis can be used to reduce the overhead of a dynamic string-buffer overflow detector by 30% to 100% among applications with significant overheads. Finally, using pointer analysis, we statically found six format string vulnerabilities in two of the 12 programs we analyzed.

Cite this paper — BibTeX
@InProceedings{avots05improving,
  author = "Dzintars Avots and Michael Dalton and V. Benjamin Livshits and Monica S. Lam",
  title = "Improving Software Security with a {C} Pointer Analysis",
  booktitle = "Proceedings of the 27th International Conference on Software Engineering (ICSE)",
  month = may,
  year = "2005",
  location = "St. Louis, Missouri",
  publisher = "ACM",
}