As-if Infinitely Ranged Integer Model

As-if Infinitely Ranged Integer Model

Integer overflow and wraparound are a major cause of software vulnerabilities in the C and C++ programming languages. In this paper, we present the as-if infinitely ranged (AIR) integer model, which provides a largely automated mechanism for eliminating integer overflow and integer truncation. The A...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Keaton, David, Plum, Thomas, Seacord, Robert C, Svoboda, David, Volkovitsky, Alex, Wilson, Timothy
Format: Report
Sprache:eng
Schlagworte:
AIR(AS-IF INFINITELY RANGED)
COMPUTER PROGRAMS
DATA PROCESSING SECURITY
INTEGER PROGRAMMING
Operations Research
PROGRAMMING LANGUAGES
SECURE CODING
TRUNCATION
VULNERABILITY
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Integer overflow and wraparound are a major cause of software vulnerabilities in the C and C++ programming languages. In this paper, we present the as-if infinitely ranged (AIR) integer model, which provides a largely automated mechanism for eliminating integer overflow and integer truncation. The AIR integer model either produces a value which is equivalent to a value that would have been obtained using infinitely ranged integers or results in a runtime constraint violation. Unlike previous integer models, AIR integers do not require precise traps, and consequently do not break or inhibit most existing optimizations. The original document contains color images.