Using Programmer-Written Compiler Extensions to Catch Security Holes

Abstract

This paper shows how system-specific static analysis can find security errors that violate rules such as "integers from untrusted sources must be sanitized before use" and "do not dereference user-supplied pointers." In our approach, programmers write system-specific extensions that are linked into the compiler and check their code for errors. We demonstrate the approach's effectiveness by using it to find over 100 security errors in Linux and OpenBSD, over 50 of which have led to kernel patches. An unusual feature of our approach is the use of methods to automatically detect when we miss code actions that should be checked.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 2001
Accession Number
ADA419600

Entities

People

  • Dawson Engler
  • Ken Ashcraft

Organizations

  • Stanford University

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Arithmetic
  • Automatic
  • Buffer Overflow Attack
  • Case Studies
  • Compilers
  • Computer Programming
  • Computer Programs
  • Computers
  • Denial Of Service Attack
  • Detection
  • False Alarms
  • Language
  • Machine Languages
  • Natural Languages
  • Operating Systems
  • Security
  • Specifications

Fields of Study

  • Computer science

Readers

  • Applied Combinatorial Optimization and Logic Circuit Design.
  • Computer Programming and Software Development.
  • Cybersecurity.