Value-Range Analysis of C Programs: Towards Proving the Absence of Buffer Overflow Vulnerabilities (repost)
Value-Range Analysis of C Programs: Towards Proving the Absence of Buffer Overflow Vulnerabilities
322 pages | Springer; 1st Edition. edition (June 19, 2008) | ISBN-10: 1848000162 | PDF | 1 Mb
Value-Range Analysis of C Programs describes a static analysis for detecting buffer overflows. A buffer overflow in a C program occurs when input is read into a memory buffer whose length exceeds that of the buffer. Overflows usually lead to crashes and may even enable a malicious person to gain control over a computer system. They are recognised as one of the most widespread forms of computer vulnerability. Based on the analysis of a standard mail-forwarding program, necessary refinements of the basic analysis are examined, thereby paving the way for an analysis that is precise enough to prove the absence of buffer overflows in legacy C code.