Improving software security with a C pointer analysis

Dzintars Avots, Michael Dalton, V. Benjamin Livshits, Monica S. Lam
2005 Proceedings of the 27th international conference on Software engineering - ICSE '05  
This paper presents a context-sensitive, inclusion-based, field-sensitive points-to analysis for C and uses the analysis to detect and prevent security vulnerabilities in programs. In addition to a conservative analysis, we propose an optimistic analysis that assumes a more restricted C semantics that reflects common C usage to increase the precision of the analysis. This paper uses the proposed pointer alias analyses to infer the types of variables in C programs and shows that most C variables are used in a manner consistent with their declared types. We show that pointer analysis can be used to reduce the overhead of a dynamic string-buffer overflow detector by 30% to 100% among applications with significant overheads. Finally, using pointer analysis, we statically found six format string vulnerabilities in two of the 12 programs we analyzed.
doi:10.1145/1062455.1062520 dblp:conf/icse/AvotsDLL05 fatcat:sovay67qjfdmzkhtj54ccpuvxi