Using programmer-written compiler extensions to catch security holes
- 25 August 2005
- proceedings article
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
This paper shows how system-specific static analysis can find security errors that violate rules such as "integers from untrusted sources must be sanitized before use" and "do not dereference user-supplied pointers." In our approach, programmers write system-specific extensions that are linked into the compiler and check their code for errors. We demonstrate the approach's effectiveness by using it to find over 100 security errors in Linux and OpenBSD, over 50 of which have led to kernel patches. An unusual feature of our approach is the use of methods to automatically detect when we miss code actions that should be checked.
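The two rules the abstract names, as an added example that is not the paper's own checkers: a toy single-pass taint checker over simplified C statements that flags an untrusted integer used as an array index without a preceding bounds comparison, and a dereference of a user-supplied pointer. The source functions get_user_int/get_user_ptr, the sample statements and the decision to treat any bounds comparison as sanitization are assumptions of this example.

```python
import re

# Hypothetical source names for this toy; a real kernel checker would key on
# the actual copy-in routines (copy_from_user, get_user and friends).
TAINT_SOURCES = {"get_user_int", "get_user_ptr"}

# Constructed sample in simplified C, one statement per line.
SAMPLE = """\
idx = get_user_int();
if (idx >= NR_SLOTS) return -EINVAL;
slots[idx] = 1;
len = get_user_int();
buf[len] = 0;
p = get_user_ptr();
val = *p;
q = kmalloc_ptr();
val = *q;
"""

ASSIGN_CALL = re.compile(r"^(\w+)\s*=\s*(\w+)\s*\(")          # var = func(...)
BOUNDS_CHECK = re.compile(r"^if\s*\(\s*(\w+)\s*(<|<=|>|>=)")   # if (var < ...)
INDEX_USE = re.compile(r"\[\s*(\w+)\s*\]")                     # arr[var]
DEREF_USE = re.compile(r"(?:^|[=(,\s])\*(\w+)")                # *var (not a*b)


def check(src):
    """Single-pass, straight-line checker. Returns [(line_no, rule, var), ...]."""
    tainted = set()
    errors = []
    for n, line in enumerate(src.splitlines(), start=1):
        line = line.strip()
        # A comparison against a bound is taken as sanitizing the variable,
        # so a use guarded on the same line is not reported (assumption).
        m = BOUNDS_CHECK.match(line)
        if m:
            tainted.discard(m.group(1))
        # Sinks: tainted index into an array, tainted pointer dereferenced.
        for var in INDEX_USE.findall(line):
            if var in tainted:
                errors.append((n, "unsanitized-index", var))
        for var in DEREF_USE.findall(line):
            if var in tainted:
                errors.append((n, "user-pointer-deref", var))
        # Sources: assignment from an untrusted call taints the variable;
        # assignment from any other call overwrites it with a trusted value.
        m = ASSIGN_CALL.match(line)
        if m:
            var, func = m.groups()
            if func in TAINT_SOURCES:
                tainted.add(var)
            else:
                tainted.discard(var)
    return errors
```

Running `check(SAMPLE)` reports line 5 (`len` never bounds-checked) and line 7 (`p` dereferenced), while the guarded `slots[idx]` and the kernel-allocated `q` pass.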