Jiyong Jang, Abeer Agrawal, and David Brumley. “ReDeBug: Finding
unpatched code clones in entire OS distributions”. In IEEE
Symposium on Security and Privacy “Oakland”, pages
48–62, San Francisco, CA, USA, May 2012.
[IEEE]
Brian Hackett, Manuvir Das, Daniel Wang, and Zhe Yang. “Modular
checking for buffer overflows in the large”. In International
Conference on Software Engineering (ICSE), pages 232–241,
Shanghai, China, May 2006.
[ACM]
Question: The Hackett et al. paper (second reading) mentions that the C standard library functions strcpy, strcat, gets, and sprintf cannot be safely annotated in their system; conveniently, that isn't a problem for the authors' project because they had decided to eliminate uses of these functions anyway. However, if you're considering keeping them around, I don't think these functions are all equally unsafe. Give a finer-grained categorization of what can be done to use these functions safely, and whether/how the system in this paper might be extended to support them.
Al Bessey, Ken Block, Benjamin Chelf, Andy Chou, Bryan Fulton, Seth
Hallem, Charles Henri-Gros, Asya Kamsky, Scott McPeak, and Dawson
R. Engler. “A few billion lines of code later: using static
analysis to find bugs in the real world”. Communications of
the ACM, 53(2):66–75, February 2010.
[ACM]
From the developers of the Coverity bug-finding tool, on some of the practical challenges of source-level program analysis in a commercial context.
Cristina Cifuentes, Nathan Keynes, Lian Li, Nathan Hawes, and Manuel
Valdiviezo. “Transitioning Parfait into a development
tool”. IEEE Security & Privacy Magazine,
10(3):16–23, May/June 2012.
[IEEE]
Another static analysis tool and its deployment inside Sun/Oracle.