Using programmer-written compiler extensions to catch security holes

Authors: K. Ashcraft, D. Engler

DOI: 10.1109/SECPRI.2002.1004368

Keywords: Computer science; Operating system; Kernel (image processing); Programmer; Compiler; Metacompilation; Static analysis; Feature (machine learning); Pointer (computer programming); Programming language; Code (cryptography)

Abstract: This paper shows how system-specific static analysis can find security errors that violate rules such as "integers from untrusted sources must be sanitized before use" and "do not dereference user-supplied pointers." In our approach, programmers write extensions that are linked into the compiler and check their code for errors. We demonstrate the approach's effectiveness by using it to find over 100 errors in Linux and OpenBSD, 50 of which have led to kernel patches. An unusual feature of the approach is its use of methods that automatically detect when we miss actions that should be checked.

References (15)
Nurit Dor, Michael Rodeh, Mooly Sagiv. Cleanness Checking of String Manipulations in C Programs via Integer Analysis. Static Analysis Symposium, pp. 194-212 (2001). doi:10.1007/3-540-47764-0_12
Eric A. Brewer, Alexander Aiken, David A. Wagner, Jeffrey S. Foster. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. Network and Distributed System Security Symposium (2000).
Stefan Savage, Michael Burrows, Greg Nelson, Patrick Sobalvarro, Thomas Anderson. Eraser: a dynamic data race detector for multithreaded programs. ACM Transactions on Computer Systems, vol. 15, pp. 391-411 (1997). doi:10.1145/265924.265927
Robert DeLine, Manuel Fähndrich. Enforcing high-level protocols in low-level software. Proceedings of the ACM SIGPLAN 2001 Conference on Programming Language Design and Implementation (PLDI '01), vol. 36, pp. 59-69 (2001). doi:10.1145/378795.378811
Peter Harry Eidorff, Fritz Henglein, Christian Mossin, Henning Niss, Morten Heine Sørensen, Mads Tofte. AnnoDomini. Proceedings of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '99), pp. 1-14 (1999). doi:10.1145/292540.292543
Dawson Engler, David Yu Chen, Seth Hallem, Andy Chou, Benjamin Chelf. Bugs as deviant behavior: a general approach to inferring errors in systems code. Symposium on Operating Systems Principles, vol. 35, pp. 57-72 (2001). doi:10.1145/502034.502041
Robert E. Strom, Shaula Yemini. Typestate: A programming language concept for enhancing software reliability. IEEE Transactions on Software Engineering, vol. 12, pp. 157-171 (1986). doi:10.1109/TSE.1986.6312929
Seth Hallem, Benjamin Chelf, Andy Chou, Dawson Engler. Checking system rules using system-specific, programmer-written compiler extensions. Operating Systems Design and Implementation, pp. 1-16 (2000). doi:10.5555/1251229.1251230
William R. Bush, Jonathan D. Pincus, David J. Sielaff. A static analyzer for finding dynamic programming errors. Software: Practice and Experience, vol. 30, pp. 775-802 (2000). doi:10.1002/(SICI)1097-024X(200006)30:7<775::AID-SPE309>3.0.CO;2-H
David Larochelle, David Evans. Statically detecting likely buffer overflow vulnerabilities. USENIX Security Symposium, pp. 14-14 (2001).