Security 2001 Paper

Pp. 201–218 of the Proceedings

Detecting Format String Vulnerabilities with Type Qualifiers

Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, David Wagner
{ushankar,kunal,jfoster,daw}@cs.berkeley.edu
University of California at Berkeley

Abstract:

We present a new system for automatically detecting format string security vulnerabilities in C programs using a constraint-based type-inference engine. We describe new techniques for presenting the results of such an analysis to the user in a form that makes bugs easier to find and to fix. The system has been implemented and tested on several real-world software packages. Our tests show that the system is very effective, detecting several bugs previously unknown to the authors and exhibiting a low rate of false positives in almost all cases. Many of our techniques are applicable to additional classes of security vulnerabilities, as well as other type- and constraint-based systems.





Umesh Shankar 2001-05-16

This paper was originally published in the Proceedings of the 10th USENIX Security Symposium, August 13–17, 2001, Washington, D.C., USA
Last changed: 2 Jan. 2002 ml