Title :
A novel flow-sensitive type and effect analysis for securing C code
Author :
Tlili, Syrine ; Debbabi, Mourad
Author_Institution :
Concordia Univ., Montreal
Date :
March 31 2008-April 4 2008
Abstract :
In this paper, we present a novel type and effect analysis for detecting type cast errors and memory errors in C source code. Our approach involves a type system with effect, region, and cast history annotations that hold valuable information for ensuring memory safety. The cast history is a precise type decoration we define to address C type casting issues. Our flow-sensitive annotations are allowed to change from one program point to another in order to efficiently tackle temporal errors. We also define a recursive algorithm based on alias information to deal with C aliasing pitfalls and to improve the precision of our analysis. We endow our type system with static security checks that use our annotations to verify and enforce security properties. The effects generated during the type analysis provide an interface that outputs undecidable Dunno points that need runtime information for safety checking. This interface can be used to communicate with dynamic analysis approaches in order to overcome static analysis limitations.
Keywords :
C language; program diagnostics; C code; dynamic analysis; effect analysis; flow-sensitive type novel; recursive algorithm; static security checks; Algorithm design and analysis; Computer errors; Computer security; History; Information analysis; Information security; Laboratories; Programming profession; Runtime; Safety;
Conference_Title :
Computer Systems and Applications, 2008. AICCSA 2008. IEEE/ACS International Conference on
Conference_Location :
Doha
Print_ISBN :
978-1-4244-1967-8
Electronic_ISBN :
978-1-4244-1968-5
DOI :
10.1109/AICCSA.2008.4493600