SULJE VALIKKO

avaa valikko

Value-Range Analysis of C Programs - Towards Proving the Absence of Buffer Overflow Vulnerabilities
129,90 €
Springer London Ltd
Sivumäärä: 302 sivua
Asu: Pehmeäkantinen kirja
Painos: Softcover reprint of
Julkaisuvuosi: 2011, 15.05.2011 (lisätietoa)
Kieli: Englanti
Abu?erover?owoccurswheninputiswrittenintoamemorybu?erthatisnot large enough to hold the input. Bu?er over?ows may allow a malicious person to gain control over a computer system in that a crafted input can trick the defectiveprogramintoexecutingcodethatisencodedintheinputitself.They are recognised as one of the most widespread forms of security vulnerability, and many workarounds, including new processor features, have been proposed to contain the threat. This book describes a static analysis that aims to prove the absence of bu?er over?ows in C programs. The analysis is conservative in the sense that it locates every possible over?ow. Furthermore, it is fully automatic in that it requires no user annotations in the input program. Thekeyideaoftheanalysisistoinferasymbolicstateforeachp- gram point that describes the possible variable valuations that can arise at that point. The program is correct if the inferred values for array indices and pointer o?sets lie within the bounds of the accessed bu?er. The symbolic state consists of a ?nite set of linear inequalities whose feasible points induce a convex polyhedron that represents an approximation to possible variable valuations. The book formally describes how program operations are mapped to operations on polyhedra and details how to limit the analysis to those p- tionsofstructuresandarraysthatarerelevantforveri?cation.Withrespectto operations on string bu?ers, we demonstrate how to analyse C strings whose length is determined by anul character within the string.

Tuotetta lisätty
ostoskoriin kpl
Siirry koriin
LISÄÄ OSTOSKORIIN
Tilaustuote | Arvioimme, että tuote lähetetään meiltä noin 4-5 viikossa | Tilaa jouluksi viimeistään 27.11.2024
Myymäläsaatavuus
Helsinki
Tapiola
Turku
Tampere
Value-Range Analysis of C Programs - Towards Proving the Absence of Buffer Overflow Vulnerabilities
Näytä kaikki tuotetiedot
ISBN:
9781849967020
Sisäänkirjautuminen
Kirjaudu sisään
Rekisteröityminen
Oma tili
Omat tiedot
Omat tilaukset
Omat laskut
Lisätietoja
Asiakaspalvelu
Tietoa verkkokaupasta
Toimitusehdot
Tietosuojaseloste