Detection of Incorrect Pointer Dereferences for C/C plus plus Programs using Static Code Analysis and Logical Inference

被引：1

作者：

Vert, Tatiana ^{[1
]}

Krikun, Tatiana ^{[1
]}

Glukhikh, Mikhail ^{[2
]}

机构：

[1] St Petersburg State Polytech Univ, St Petersburg, Russia

[2] Tech Univ Clausthal, Clausthal Zellerfeld, Germany

来源：

2013 TOOLS & METHODS OF PROGRAM ANALYSIS (TMPA 2013) | 2013年

关键词：

C source code error detection; static code analysis; logical inference;

D O I：

10.1109/TMPA.2013.12

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

This article considers a method for an increase of static code analysis precision. The method extends classic code analysis algorithm with dependency analysis. For this purpose, during abstract interpretation information about statically known values should be extracted as well as dependencies between unknown values. Dependencies can be represented with first-order logic predicates. Such a method allows using of external logical inference tools to prove truth or falsehood of branch conditions and of error occurence conditions. The main focus is oriented to pointer analysis logic and incorrect dereference detection rules. A prototype is implemented and results of efficiency evaluation are provided. The prototype uses Microsoft Z3 Solver as a logical inference tool. A significant precision increase is shown, ways for performance boosting are suggested.

引用

页码：78 / 82

页数：5

共 50 条

[1] Efficient detection of dangling pointer error for C/C plus plus programs
Zhang, Wenzhe
[J]. 2ND ANNUAL INTERNATIONAL CONFERENCE ON INFORMATION SYSTEM AND ARTIFICIAL INTELLIGENCE (ISAI2017), 2017, 887
[2] A Dynamic Detection Method to C/C plus plus Programs Memory Vulnerabilities Based on Pointer Analysis
Ma, Rui
Chen, Lingkui
Hu, Changzhen
Xue, Jingfeng
Zhao, Xiaolin
[J]. 2013 IEEE 11TH INTERNATIONAL CONFERENCE ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING (DASC), 2013, : 52 - 57
[3] Static Analysis Approach for Defect Detection in Multithreaded C/C plus plus Programs
Moiseev, Mikhail
[J]. SOFTWARE ENGINEERING FOR RESILIENT SYSTEMS, SERENE 2013, 2013, 8166 : 169 - 183
[4] SPrinter: A Static Checker for Finding Smart Pointer Errors in C plus plus Programs
Ma, Xutong
Yan, Jiwei
Li, Yaqi
Yan, Jun
Zhang, Jian
[J]. 34TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING (ASE 2019), 2019, : 1122 - 1125
[5] CoBOT: Static C/C plus plus Bug Detection in the Presence of Incomplete Code
Gao, Qing
Zhang, Shikun
Chen, Xianglong
Ma, Sen
Shao, Sihao
Sui, Yulei
Zhao, Guoliang
Ma, Luyao
Ma, Xiao
Duan, Fuyao
Deng, Xiao
[J]. 2018 IEEE/ACM 26TH INTERNATIONAL CONFERENCE ON PROGRAM COMPREHENSION (ICPC 2018), 2018, : 385 - 388
[6] A Comparison of Open-Source Static Analysis Tools for Vulnerability Detection in C/C plus plus Code
Arusoaie, Andrei
Ciobaca, Stefan
Craciun, Vlad
Gavrilut, Dragos
Lucanu, Dorel
[J]. 2017 19TH INTERNATIONAL SYMPOSIUM ON SYMBOLIC AND NUMERIC ALGORITHMS FOR SCIENTIFIC COMPUTING (SYNASC 2017), 2017, : 161 - 168
[7] Comparative Study on Static Code Analysis Tools for C/C plus
Fatima, Anum
Bibi, Shazia
Hanif, Rida
[J]. PROCEEDINGS OF 2018 15TH INTERNATIONAL BHURBAN CONFERENCE ON APPLIED SCIENCES AND TECHNOLOGY (IBCAST), 2018, : 465 - 469
[8] Static Analysis of Functors' Mathematical Properties in C plus plus Source Code
Babati, Bence
Pataki, Norbert
[J]. INTERNATIONAL CONFERENCE ON NUMERICAL ANALYSIS AND APPLIED MATHEMATICS (ICNAAM-2018), 2019, 2116
[9] Static Integration of SQL Queries in C plus plus Programs
Sysak, Maciej
Zielinski, Bartosz
Kruszynski, Piotr
Sobieski, Scibor
Maslanka, Pawel
[J]. ADVANCES IN DATABASES AND INFORMATION SYSTEMS (ADBIS 2014), 2014, 8716 : 126 - 138
[10] Analysis and Code Model Extraction for C/C plus plus Source Code
Wagner, Christian
Margaria, Tiziana
Pagendarm, Hans-Georg
[J]. 2009 14TH IEEE INTERNATIONAL CONFERENCE ON ENGINEERING OF COMPLEX COMPUTER SYSTEMS (ICECCS), 2009, : 110 - +

← 1 2 3 4 5 →