Detection of Incorrect Pointer Dereferences for C/C plus plus Programs using Static Code Analysis and Logical Inference

被引：1

作者：

Vert, Tatiana ^{[1
]}

Krikun, Tatiana ^{[1
]}

Glukhikh, Mikhail ^{[2
]}

机构：

[1] St Petersburg State Polytech Univ, St Petersburg, Russia

[2] Tech Univ Clausthal, Clausthal Zellerfeld, Germany

来源：

2013 TOOLS & METHODS OF PROGRAM ANALYSIS (TMPA 2013) | 2013年

关键词：

C source code error detection; static code analysis; logical inference;

D O I：

10.1109/TMPA.2013.12

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

This article considers a method for an increase of static code analysis precision. The method extends classic code analysis algorithm with dependency analysis. For this purpose, during abstract interpretation information about statically known values should be extracted as well as dependencies between unknown values. Dependencies can be represented with first-order logic predicates. Such a method allows using of external logical inference tools to prove truth or falsehood of branch conditions and of error occurence conditions. The main focus is oriented to pointer analysis logic and incorrect dereference detection rules. A prototype is implemented and results of efficiency evaluation are provided. The prototype uses Microsoft Z3 Solver as a logical inference tool. A significant precision increase is shown, ways for performance boosting are suggested.

引用

页码：78 / 82

页数：5

共 50 条

[21] From Theory to Code: Identifying Logical Flaws in Cryptographic Implementations in C/C plus
Rahaman, Sazzadur
Cai, Haipeng
Chowdhury, Omar
Yao, Danfeng
[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (06) : 3790 - 3803
[22] Automatic Test Generation for C and C plus plus Programs, Using Symbolic Execution
Yoshida, Hiroaki
Li, Guodong
Kamiya, Takuki
Ghosh, Indradeep
Rajan, Sreeranga
Tokumoto, Susumu
Munakata, Kazuki
Uehara, Tadahiro
[J]. IEEE SOFTWARE, 2017, 34 (05) : 30 - 37
[23] C plus plus Code Generation for Fast Inference of Deep Learning Models in ROOT/TMVA
An, Sitong
Moneta, Lorenzo
Sengupta, Sanjiban
Hamdan, Ahmat
Sossai, Federico
Saxena, Aaradhya
[J]. 20TH INTERNATIONAL WORKSHOP ON ADVANCED COMPUTING AND ANALYSIS TECHNIQUES IN PHYSICS RESEARCH, 2023, 2438
[24] Designing clamps using CAD programs and C plus plus language
Urdea, Mihaela
Parv, Luminita
Lupulescu, Nouras Barbu
[J]. PROCEEDINGS OF THE 5TH WSEAS INTERNATIONAL CONFERENCE ON APPLIED AND THEORETICAL MECHANICS (MECHANICS '09), 2009, : 144 - 147
[25] Designing clamps using CAD programs and C plus plus language
Urdea, Mihaela
Parv, Luminita
Lupulescu, Nouras Barbu
[J]. ADVANCES IN MANUFACTURING ENGINEERING, QUALITY AND PRODUCTION SYSTEMS, VOL II, 2009, : 453 - 456
[26] Evolution of Code Clone Ratios throughout Development History of Open-Source C and C plus plus Programs
Goon, Anfernee
Wu, Yuhao
Matsushita, Makoto
Inoue, Katsuro
[J]. 2017 IEEE 11TH INTERNATIONAL WORKSHOP ON SOFTWARE CLONES (IWSC), 2017, : 47 - 53
[27] Analysis of Entities in C and C plus plus Programs and Relations between Them for Program Understanding
Belevantsev, A. A.
Veselevich, E. A.
Ivannikov, V. P.
[J]. PROGRAMMING AND COMPUTER SOFTWARE, 2016, 42 (01) : 49 - 53
[28] Empirical Study of Software Composition Analysis Tools for C/C plus plus Binary Programs
Ning, Yuqiao
Zhang, Yanan
Ma, Chao
Guo, Zhen
Yu, Longhai
[J]. IEEE ACCESS, 2024, 12 : 50418 - 50430
[29] Advances in the ANaConDA Framework for Dynamic Analysis and Testing of Concurrent C/C plus plus Programs
Fiedor, Jan
Muzikovska, Monika
Smrcka, Ales
Vasicek, Ondrej
Vojnar, Tomas
[J]. ISSTA'18: PROCEEDINGS OF THE 27TH ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, 2018, : 356 - 359
[30] Using Static Analysis to Support Variability Implementation Decisions in C plus
Al Masri, Samer
Nadi, Sarah
Gaudet, Matthew
Liang, Xiaoli
Young, Robert W.
[J]. SPLC'18: PROCEEDINGS OF THE 22ND INTERNATIONAL SYSTEMS AND SOFTWARE PRODUCT LINE CONFERENCE, VOL 1, 2018, : 236 - 245

← 1 2 3 4 5 →