Opinion: Buffer Overrun Madness

A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities

We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection of buffer overruns as an integer range analysis problem. One major advantage of static analysis is that security bugs can be eliminated before code is deployed. We have implemented our design and used our prototype to ...

Data-Delineation in Software Binaries and its Application to Buffer-Overrun Discovery [preprint]

Detecting memory-safety violations in binaries is complicated by the lack of knowledge of the intended data layout, i.e., the locations and sizes of objects. We present lightweight, static, heuristic analyses for recovering the intended layout of data in a stripped binary. Comparison against DWARF debugging information shows high precision and recall rates for inferring source-level object boun...

Capacity Sharing for Overrun Control

Madness

here are clouds in the painting, of course. Almost any one of us would have included those clouds, thick with electricity and rainwater. And there is the wheat field, smudged out like an empty palm, orange beneath the storm-stricken sun. Surely, many of us would have insisted on the wheat as well. Through the middle of the wheat, a rutted road slices to the horizon and disappears beneath the cl...

Moon-madness *

Mother Nature is an exceedingly exacting old lady. She guards her treasures well and does not yield them on casual inquiry. To be sure, she has spread the stuff and substance of the Universe before everyone so that it might be described and classified. For generations men have eagerly approached this monumental job until at last there is available a fairly satisfactory account of the structure ...