Compiler Extensions To Catch Security Holes: Dissected
نویسنده
چکیده
Programming errors that lead to unreliable and insecure programs are a problem that has been around since the very beginning of computer science. Most of these errors are caught via extensive testing and debugging. However, more serious bugs are often left in the code unnoticed, because either the interaction through which they can occur is too complex to understand, given a certain time frame, or the testing phase is too expensive. This paper presents various automated methods, with a special focus on code analysis (both static and dynamic) to contain or isolate the damage.
منابع مشابه
Using Programmer-Written Compiler Extensions to Catch Security Holes
This paper shows how system speci c static analysis can nd security errors that violate rules such as in tegers from untrusted sources must be sanitized before use and do not dereference user supplied pointers In our approach programmers write system speci c extensions that are linked into the compiler and check their code for errors We demonstrate the approach s e ectiveness by using it to nd ...
متن کاملDeclarative Security
In this paper, we introduce the novel concept of a secure interface deenition compiler (a \se-curity" compiler, for short). We show how interface designers can declare an application's security requirements as part of the interface deenition process, and how a security compiler can automatically generate code that implements security requirements in client stubs and server skeletons. We propose...
متن کاملPutting the Spine Back in the Spineless Tagless G-Machine: An Implementation of Resumable Black-Holes
Interrupt handling is a tricky business in lazy functional languages: we have to make sure that thunks that are being evaluated can be halted and later restarted if and when they are required. This is a particular problem for implementations which use black-holing. Black-Holing deliberately makes it impossible to revert such thunks to their original state to avoid a serious space leak. Interact...
متن کاملPractical memory safety for C
Copious amounts of high-performance and low-level systems code are written in memory-unsafe languages such as C and C++. Unfortunately, the lack of memory safety undermines security and reliability; for example, memory-corruption bugs in programs can breach security, and faults in kernel extensions can bring down the entire operating system. Memory-safe languages, however, are unlikely to displ...
متن کامل1170 Safe and Efficient Active Network Programming
Active networks are aimed at incorporating programmability into the network to achieve extensibility. An approach to obtaining extensibility is based on downloading router programs into network nodes. Although promising, this approach raises several critical issues: expressiveness to enable programmability at all levels of networking, safety and security to protect shared resources, and eecienc...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005