Value-Range Analysis of C Programs: Towards Proving the Absence of Buffer Overflow Vulnerabilities (Paperback)
  • Value-Range Analysis of C Programs: Towards Proving the Absence of Buffer Overflow Vulnerabilities (Paperback)
zoom

Value-Range Analysis of C Programs: Towards Proving the Absence of Buffer Overflow Vulnerabilities (Paperback)

(author)
£105.50
Paperback 302 Pages / Published: 15/05/2011
  • We can order this from the publisher

Usually dispatched within 15 working days

  • This item has been added to your basket
Abu?erover?owoccurswheninputiswrittenintoamemorybu?erthatisnot large enough to hold the input. Bu?er over?ows may allow a malicious person to gain control over a computer system in that a crafted input can trick the defectiveprogramintoexecutingcodethatisencodedintheinputitself.They are recognised as one of the most widespread forms of security vulnerability, and many workarounds, including new processor features, have been proposed to contain the threat. This book describes a static analysis that aims to prove the absence of bu?er over?ows in C programs. The analysis is conservative in the sense that it locates every possible over?ow. Furthermore, it is fully automatic in that it requires no user annotations in the input program. Thekeyideaoftheanalysisistoinferasymbolicstateforeachp- gram point that describes the possible variable valuations that can arise at that point. The program is correct if the inferred values for array indices and pointer o?sets lie within the bounds of the accessed bu?er. The symbolic state consists of a ?nite set of linear inequalities whose feasible points induce a convex polyhedron that represents an approximation to possible variable valuations. The book formally describes how program operations are mapped to operations on polyhedra and details how to limit the analysis to those p- tionsofstructuresandarraysthatarerelevantforveri?cation.Withrespectto operations on string bu?ers, we demonstrate how to analyse C strings whose length is determined by anul character within the string.

Publisher: Springer London Ltd
ISBN: 9781849967020
Number of pages: 302
Weight: 498 g
Dimensions: 235 x 155 x 17 mm
Edition: Softcover reprint of hardcover 1st ed. 2008


MEDIA REVIEWS

From the reviews:

"This book describes a static analysis that aims to prove the absence of buffer overflows in C programs. ... The book formally describes how program operations are mapped to operations on polyhedra. ... Many concepts presented here carry over to other languages such as Java or assembler. So it will be useful to any researcher and student with an interest in static analysis of real-world programming languages." (Stefan Meyer, Zentralblatt MATH, Vol. 1155, 2009)

You may also be interested in...

Raspberry Pi
Added to basket
£17.50
Paperback
C Programming Absolute Beginner's Guide
Added to basket
Schaum's Outline of Programming with C++
Added to basket
Developer's Code
Added to basket
£22.99
Paperback
C++ For Dummies
Added to basket
£21.99
Paperback
Schaum's Outline of Programming with C
Added to basket
C Programming Language
Added to basket
Jamaican Cooking Made Easy
Added to basket
C++ Programming Language, The
Added to basket
C# 5.0 Pocket Reference
Added to basket
Effective C++
Added to basket
£40.49
Paperback
C# Precisely
Added to basket
£35.00
Paperback
Seven Languages in Seven Weeks
Added to basket

Please sign in to write a review

Your review has been submitted successfully.