{"title":"Array Bounds Model Checking in C Code Based on Predicate Abstraction","authors":"Yunwei Bai, Qingguo Xu","doi":"10.1109/CCATS.2015.11","DOIUrl":null,"url":null,"abstract":"Because C compilers do not check array bounds at compile time, array index out-of-bounds attacks cause serious security problems. Array bound checking is becoming more and more important; however, the original approach to array bound checking, which requires manual work by programmers, wastes too much time. In this paper, we propose a strategy to address this issue for C code. In this strategy, we use predicate abstraction on the generated CFG (control flow graph), and the CFG is then translated to an SMV model using a translation algorithm. Finally, we use the model checking tool nuXmv to check the array bounds. If an array index is out of bounds, nuXmv gives counterexamples.","PeriodicalId":433684,"journal":{"name":"2015 International Conference on Computer Application Technologies","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Computer Application Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCATS.2015.11","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Array Bounds Model Checking in C Code Based on Predicate Abstraction
Because C compilers do not check array bounds at compile time, array index out-of-bounds attacks cause serious security problems. Array bound checking is becoming more and more important; however, the original approach to array bound checking, which requires manual work by programmers, wastes too much time. In this paper, we propose a strategy to address this issue for C code. In this strategy, we use predicate abstraction on the generated CFG (control flow graph), and the CFG is then translated to an SMV model using a translation algorithm. Finally, we use the model checking tool nuXmv to check the array bounds. If an array index is out of bounds, nuXmv gives counterexamples.