|
Purpose |
The objective of this research is to
develop a static analysis for detecting visibility-violating codes in C++
programs. The current C++ compilers check cannot detect all of these errors, In
order to provide this, we define the problem of visibility violation, and
design the analysis to detect visibility-violating codes, and devise the
method to reduce the overhead of our analysis. |
||
|
Contents |
Recently, computers have become
pervasive through whole fields of real world, the costs of sw malfunction may
be serious. This is mainly due to the unreliable operations in programs. So,
the need of static analyzer to detect sw vulnerabilities automatically is
increasing. As the current C++ compilers cannot
detect all of such vulnerabilities as visibility-violating codes, so we try
to develop static analyzer to detect such vulnerabilities. In order to
develop our static analyzer, we need to define our problem formally, because
this is a new problem. We also study the memory model in order to enhance the
efficiency and to reduce the information to be kept. We also need to compute
the type of the value to be referenced by pointer, because we have to inspect
the visibility of the pointed value. We devise the algorithms to determine
violation of visibility and also prove the correctness of our algorithm. In this research, we experiment our
analyzer on C++ programs used in real world, and demonstrate the excellence
of our analyzer. |
||
|
Expected Contribution |
In this research, we provide a
theoretical framework and a practical analyzer to detect visibility violating
codes, so our results can be used to protect secure data. And our results can
be also used to develop reliable software by reducing run-time error. From a scientific view, the results
from theoretical static analysis can be applied to the practical field such
as C++ program vulnerability. Our attempt will contribute to reduce the gap
between the theoretical academic researches and the practical real world
developments. From an economic view, our results
will reduce the costs of sw security. |
||
|
Keywords |
static analysis |
program
analysis |
class
visibility |
|
SW vulnerability |
SW security |
Data
type |
|
|
C++ |
|||
Click here to return to my Home Page
.