Unifying Disparate Tools in Software Security--Greg Morrisett
Pages 13-20

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.


From page 13...
... How can you ensure that the software doesn't contain coding bugs or logic errors that might leave a security hole? Traditional approaches to software security have assumed that users could easily determine when they were installing code and whether or not software was trustworthy in a particular context.
From page 14...
... Unfortunately, many programmers fail to insert appropriate checks, partly because commonly used programming languages (C and C++) make it easy to forget those checks, and partly because programmers often think that "no one will have a password of more than a thousand characters." When programmers fail to put in a check and the input is too long, the extra bytes overwrite whatever data happen to be stored next to the input buffer.
From page 15...
... In an ideal attack, the rest of the input contains executable instructions, and the attacker causes control to transfer to this newly injected code. In this way, the attacker can cause the program to execute arbitrary code. Attacks based on buffer overruns are surprisingly common; at one point, they accounted for more than half of the security vulnerabilities reported by the Computer Emergency Response Team (Wagner et al., 2000).
From page 16...
... Consequently, static analysis tools construct models of the program that abstract details and reduce the reasoning to finite domains. For example, instead of tracking the actual values that integer variables might take on, an analysis might track only upper and lower bounds.
From page 17...
... For example, a buffer overrun recently found in the Windows Vista custom-cursor animation code was not detected by Prefast.

Looking to the Future

One problem with static analysis tools is that, like optimizing compilers, they tend to be large, complicated programs.
From page 18...
... Next-generation programming languages are incorporating increasingly sophisticated type systems that allow programmers to provide stronger safety and security properties through automated type checking.
From page 19...
... Pp. 95-107 in Proceedings of the 2000 ACM SIGPLAN Conference on Programming Language Design and Implementation.


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.