Integral Security
october 2009 by randombit
Integer overflow and wraparound are major causes of software vulnerabilities in the C and C++ programming languages. In this paper we present the as-if infinitely ranged (AIR) integer model, which provides a largely automated mechanism for eliminating integer overflow and integer truncation. The AIR integer model either produces a value equivalent to one that would have been obtained using infinitely ranged integers or results in a runtime constraint violation. Unlike previous integer models, AIR integers do not require precise traps, and consequently do not break or inhibit most existing optimizations.
compiler
gcc
security
c
october 2009 by randombit
Treehydra - MDC
october 2009 by randombit
Treehydra is a GCC plugin that provides a low level JavaScript binding to GCC's GIMPLE AST representation. Treehydra is intended for precise static analyses.
c++
gcc
c
static-analysis
tools
october 2009 by randombit
Dehydra - MDC
august 2009 by randombit
Dehydra is a lightweight, scriptable, general purpose static analysis tool capable of application-specific analyses of C++ code.
c++
analysis
testing
gcc
august 2009 by randombit
related tags
analysis ⊕ api ⊕ blog ⊕ bug ⊕ c ⊕ c++ ⊕ c++0x ⊕ cluster ⊕ compiler ⊕ compilers ⊕ computers ⊕ concurrency ⊕ distcc ⊕ distributed ⊕ dll ⊕ faq ⊕ gcc ⊖ hydra ⊕ kernel.org ⊕ library ⊕ linux ⊕ memory ⊕ mingw ⊕ optimizations ⊕ performance ⊕ security ⊕ snapshot ⊕ static-analysis ⊕ stl ⊕ testing ⊕ threads ⊕ tools ⊕ visibility ⊕ windows ⊕Copy this bookmark: