Using programmer-written compiler extensions to catch security holes

Cited by: 53
Authors
Ashcraft, K [1 ]
Engler, D [1 ]
Affiliation
[1] Stanford Univ, Comp Syst Lab, Stanford, CA 94305 USA
Source
2002 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS | 2002
DOI
10.1109/SECPRI.2002.1004368
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline code
0812;
Abstract
This paper shows how system-specific static analysis can find security errors that violate rules such as "integers from untrusted sources must be sanitized before use" and "do not dereference user-supplied pointers." In our approach, programmers write system-specific extensions that are linked into the compiler and check their code for errors. We demonstrate the approach's effectiveness by using it to find over 100 security errors in Linux and OpenBSD, over 50 of which have led to kernel patches. An unusual feature of our approach is the use of methods to automatically detect when we miss code actions that should be checked.
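The two rules quoted in the abstract amount to a taint check: a value produced by an untrusted source must pass a bounds check before it is used as an array index or dereferenced as a pointer. The sketch below is an added illustration, not code from the paper or its checkers, of how such a rule is expressed as a small analysis over a constructed mini-IR of kernel-style handlers. The source names (get_user, strlen, kmalloc), the five sample functions and the IR itself are made up for the example. Its infer_sources routine is a simplified reading of the abstract's remark about automatically detecting missed code actions: it ranks callees by how often callers bounds-check their results, on the assumption that a callee checked in most places but not all is an untrusted source the rule set forgot, and its unchecked uses are the bugs to look at.

```python
from collections import Counter

# Constructed mini-IR (not the paper's): each function is a list of
# statements in execution order, analysed flow-insensitively.
#   ("call", dst, callee, args)   dst = callee(args)   (dst may be None)
#   ("assign", dst, src)          dst = src
#   ("check", var, bound)         if (var < bound) ...  sanitizes var
#   ("index", array, var)         array[var]            sink
#   ("deref", var)                *var                  sink
SAMPLE_PROGRAM = {
    "ioctl_a": [("call", "x", "get_user", ()), ("check", "x", 16),
                ("index", "buf", "x")],
    "ioctl_b": [("call", "y", "get_user", ()), ("index", "buf", "y")],
    "ioctl_c": [("call", "p", "get_user", ()), ("deref", "p"),
                ("call", "n", "strlen", ("name",)), ("index", "tbl", "n")],
    "read_d":  [("call", "z", "get_user", ()), ("check", "z", 4096),
                ("call", "q", "kmalloc", ("z",)), ("deref", "q")],
    "read_e":  [("call", "w", "get_user", ()), ("check", "w", 8),
                ("assign", "idx", "w"), ("index", "tbl", "idx")],
}


def check_function(stmts, sources):
    """Flag index/deref uses of values that came from an untrusted source
    and were never bounds-checked. Returns [(stmt index, sink kind, var)]."""
    tainted = set()
    errors = []
    for i, s in enumerate(stmts):
        op = s[0]
        if op == "call":
            _, dst, callee, args = s
            if dst is None:
                continue
            if callee in sources or any(a in tainted for a in args):
                tainted.add(dst)        # fresh or derived untrusted value
            else:
                tainted.discard(dst)    # overwritten with a trusted value
        elif op == "assign":
            _, dst, src = s
            if src in tainted:
                tainted.add(dst)
            else:
                tainted.discard(dst)
        elif op == "check":
            tainted.discard(s[1])       # a bounds check sanitizes the value
        elif op in ("index", "deref"):
            var = s[-1]
            if var in tainted:
                errors.append((i, op, var))
    return errors


def infer_sources(program, min_ratio=0.5):
    """Rank callees by how often their result is bounds-checked before use.
    Callees checked in at least min_ratio of their call sites are returned
    as candidate untrusted sources (assumed simplification, see lead-in)."""
    calls, checked = Counter(), Counter()
    for stmts in program.values():
        origin = {}                     # variable -> callee that produced it
        for s in stmts:
            if s[0] == "call" and s[1] is not None:
                origin[s[1]] = s[2]
                calls[s[2]] += 1
            elif s[0] == "check" and s[1] in origin:
                checked[origin.pop(s[1])] += 1   # count each result once
    ratios = {c: checked[c] / calls[c] for c in calls}
    candidates = sorted(c for c, r in ratios.items() if r >= min_ratio)
    return ratios, candidates


def run_checker(program, sources):
    """Apply the rule to every function; returns {function: [errors]}."""
    return {name: check_function(stmts, sources)
            for name, stmts in program.items()}


if __name__ == "__main__":
    ratios, candidates = infer_sources(SAMPLE_PROGRAM)
    print("checked-result ratios:", ratios)
    print("inferred untrusted sources:", candidates)
    for fn, errs in run_checker(SAMPLE_PROGRAM, set(candidates)).items():
        for i, kind, var in errs:
            print(f"{fn}: statement {i}: {kind} of unsanitized {var!r}")
```

On the sample program the inference step marks get_user as a source (its result is checked in three of five callers), and the checker then reports ioctl_b (untrusted index) and ioctl_c (untrusted pointer dereference) while accepting the three functions that check first. The same run with an empty source set reports nothing, which is the situation the abstract's "missed code actions" remark is about.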
Pages: 143 / 159
Page count: 17