MLSA: a static bugs analysis tool based on LLVM IR
نویسندگان
چکیده
منابع مشابه
Experiences Using Static Analysis to Find Bugs
Static analysis examines code in the absence of input data and without running the code, and can detect potential security violations (e.g., SQL injection), runtime errors (e.g., dereferencing a null pointer) and logical inconsistencies (e.g., a conditional test that cannot possibly be true). While there is a rich body of literature on algorithms and analytical frameworks used by such tools, re...
متن کاملMetamorphic Code from LLVM IR Bytecode
Metamorphic software changes its internal structure across generations with its functionality remaining unchanged. Metamorphism has been employed by malware writers as a means of evading signature detection and other advanced detection strategies. However, code morphing also has potential security benefits, since it can serve to increase the “genetic diversity” of software. We have created a me...
متن کاملSimple and Effective Static Analysis to Find Bugs
Title of dissertation: SIMPLE AND EFFECTIVE STATIC ANALYSIS TO FIND BUGS David H. Hovemeyer, Doctor of Philosophy, 2005 Dissertation directed by: Professor William W. Pugh Department of Computer Science Much research in recent years has focused on using static analysis to find bugs in software. Many new approaches employing sophisticated program analysis techniques—inter-procedural, context-sen...
متن کاملFinding Error-Handling Bugs in Systems Code Using Static Analysis
Run-time errors are unavoidable whenever software interacts with the physical world. Unchecked errors are especially pernicious in operating system file management code. Transient or permanent hardware failures are inevitable, and errormanagement bugs at the file system layer can cause silent, unrecoverable data corruption. Furthermore, even when developers have the best of intentions, inaccura...
متن کاملFinding Tizen security bugs through whole-system static analysis
Tizen is a new Linux-based open source platform for consumer devices including smartphones, televisions, vehicles, and wearables. While Tizen provides kernellevel mandatory policy enforcement, it has a large collection of libraries, implemented in a mix of C and C++, which make their own security checks. In this research, we describe the design and engineering of a static analysis engine which ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Networked and Distributed Computing
سال: 2016
ISSN: 2211-7946
DOI: 10.2991/ijndc.2016.4.3.1