M-String Segmentation: A Refined Abstract Domain for String Analysis in C Programs | IEEE Conference Publication | IEEE Xplore

M-String Segmentation: A Refined Abstract Domain for String Analysis in C Programs


Abstract:

We present a refined segmentation abstract domain for the analysis of strings in the C programming language, properly extending the parametric segmentation approach to array representation introduced by P. Cousot et al. to the case of text values. In particular, we capture the so-called string of interest of an array of char, in order to distinguish well-formed string arrays. A concrete and abstract semantics of the main C header file string.h functions are worked out in full detail.
Date of Conference: 29-31 August 2018
Date Added to IEEE Xplore: 06 December 2018
Conference Location: Guangzhou, China

I. Introduction

Strings, in the C programming language, are represented as char arrays where the last significant element of each string is followed by a terminating null character. Arrays of characters that do not explicitly contain the terminating character do not represent a string. A programmer must handle the structure of a char array according to the concept of string, for example by guaranteeing the presence of the terminating null character in it. When this is not properly handled, run-time errors may occur. The four most common errors are unbounded string copies, off-by-one errors, null termination errors and string truncation. Moreover, many functions that manage standard strings, like strcpy() and strcat(), are highly susceptible to error, leading to buffer overflows [19]. We aim to detect these string manipulation errors by taking advantage of static analysis, in particular of the abstract interpretation technique.
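The error classes listed above can be made concrete with a small C program. This is an added example, not code from the paper: it checks at run time what the paper's analysis reasons about statically, and it assumes the string of interest is the run of characters before the first null. The names soi_len, checked_copy and strncpy_into_4 are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Length of the string of interest of a char array with `cap` elements:
 * the characters before the first null (assumed definition). Returns -1
 * when the array holds no null, i.e. it is not a well-formed string. */
long soi_len(const char *a, size_t cap) {
    const char *nul = memchr(a, '\0', cap);
    return nul ? (long)(nul - a) : -1;
}

typedef enum { COPY_OK, SRC_NOT_STRING, DST_TOO_SMALL } copy_status;

/* Copy guarded by both array bounds, unlike strcpy (hypothetical helper). */
copy_status checked_copy(char *dst, size_t dst_cap,
                         const char *src, size_t src_cap) {
    long n = soi_len(src, src_cap);
    if (n < 0)
        return SRC_NOT_STRING;   /* null termination error in src */
    if ((size_t)n + 1 > dst_cap)
        return DST_TOO_SMALL;    /* includes the off-by-one case n == dst_cap */
    memcpy(dst, src, (size_t)n + 1);
    return COPY_OK;
}

/* strncpy into a 4-char array: a source of 4 or more characters is
 * truncated and the result carries no terminator, so it is not a string. */
long strncpy_into_4(const char *src) {
    char dst[4];
    strncpy(dst, src, sizeof dst);
    return soi_len(dst, sizeof dst);
}

int main(void) {
    char raw[3] = {'a', 'b', 'c'};   /* constructed sample: no terminator */
    char dst[3];
    printf("raw is a string: %s\n", soi_len(raw, sizeof raw) >= 0 ? "yes" : "no");
    printf("copy \"abc\" into char[3]: %d\n", checked_copy(dst, sizeof dst, "abc", 4));
    printf("copy \"ab\" into char[3]: %d\n", checked_copy(dst, sizeof dst, "ab", 3));
    printf("strncpy \"abcd\" into char[4], result length: %ld\n", strncpy_into_4("abcd"));
    return 0;
}
```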
