Buffer Overrun Detection using Liner Programming and Static Analysis

This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a light-weight analysis based on modeling C string manipulations as a linear program. We also present fast, scalable solvers based on linear programming, and demonstrate techniques to make the program analysis context sensitive. Based on these techniques, we built a prototype and used it to identify several vulnerabilities in popular security critical applications.
Download:[PS,PDF]
Somesh Jha
Last modified: Fri Nov 14 11:20:10 CST 2003