Using Programmer-Written Compiler Extensions to Catch Security Holes

Using Programmer-Written Compiler Extensions to Catch Security Holes

Cached

Download Links

[www.eecs.umich.edu]
[www.stanford.edu]

Other Repositories/Bibliography

DBLP

by Ken Ashcraft, et al.

Citations:

139 - 5 self

BibTeX

@MISC{Ashcraft_usingprogrammer-written,
    author = {Ken Ashcraft and et al.},
    title = {Using Programmer-Written Compiler Extensions to Catch Security Holes},
    year = {}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

This paper shows how system-specific static analysis can nd security errors that violate rules such as "integers from untrusted sources must be sanitized before use" and "do not dereference user-supplied pointers." In our approach, programmers write system-specific extensions that are linked into the compiler and check their code for errors. We demonstrate the approach's effectiveness by using it to nd over 100 security errors in Linux and OpenBSD, over 50 of which have led to kernel patches. An unusual feature ofour approach is the use of methods to automatically detect when we miss code actions that should be checked.

Citations

1363	Aspect-oriented programming - Kiczales, Lamping, et al. - 1997
478	Eraser: A Dynamic Data Race Detector for Multi-Threaded Programs - Savage, Burrows, et al. - 1997
347	Enforcing high-level protocols in low-level software - DeLine, Fähndrich - 2001
315	Checking System rules using System-specific, Programmer-written Compiler Extensions - Engler, Chelf, et al. - 2000
314	A first step towards automated detection of buffer overrun vulnerabilities - Wagner, Foster, et al. - 2000
245	Bugs as Deviant Behavior: A General Approach to Inferring Errors in Systems Code - Engler, Chen, et al. - 2001
245	D (2001) Intrusion detection via static analysis - Wagner, Dean
242	A static analyzer for finding dynamic programming errors. Software—Practice and Experience - Bush, Pincus, et al. - 2000
189	Typestate: A programming language concept for enhancing software reliability - Strom, Yemini - 1986
168	A decentralized model for information flow control - Myers, Liskov - 1997
158	Statically detecting likely buffer overflow vulnerabilities - Larochelle, Evans - 2001
67	ITS4: A static vulnerability scanner for C and C++ code - Viega, Bloch, et al. - 2000
37	Annodomini: from type theory to year 2000 conversion tool - Eidorff, Henglein, et al. - 1999
35	Cleanness checking of string manipulations in C programs via integer analysis - Dor, Rodeh, et al.
23	A rst step towards automated detection of bu er overrun vulnerabilities - Wagner, Foster, et al. - 2000
21	Checking for race conditions in file accesses. Computing Systems Spring - Bishop, Dilger - 1996
18	Checking system rules using system-speci c, programmerwritten compiler extensions - Engler, Chelf, et al. - 2000
16	Detecting races in relay ladder logic programs - Aiken, Fähndrich, et al. - 1998
4	A static analyzer for nding dynamic programming errors - Bush, Pincus, et al.
4	A decentralized model for information �ow control - AC, Liskov - 1997
2	Checking for race conditions in le accesses. Computing systems - Bishop, Dilger - 1996
1	chris@scary.beasts.org. Personal communication. Negative parameter passed to copy to user or copy from user allows exposing or over owing arbitrary kernel memory - Evans - 2001
1	Personal communication. Developing a buffer overflow checker in PREfast (a version of of PREfix - Pincus - 2001
1	Statically detecting likely bu er over ow vulnerabilities - Larochelle, Evans - 2001
1	Personal communication. Developing a bu er over ow checker in PREfast (a version of of PRE x - Pincus - 2001