Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014.Cataloged from PDF version of thesis.Includes bibliographical references (pages 67-68).We present a new technique and system, DIODE, for automatically generating inputs that trigger overflows at memory allocation sites. DIODE is designed to identify relevant sanity checks that inputs must satisfy to trigger overflows at target memory allocation sites, then generate inputs that satisfy these sanity checks to successfully trigger the overflow. DIODE works with off-the-shelf, production x86 binaries. Our results show that, for our benchmark set of applications, for every target memory allocation site, either 1) DIODE is able ...
Journal ArticleInteger overflow bugs in C and C++ programs are difficult to track down and may lead ...
Memory errors are a common cause of incorrect software execution and security vulnerabilities. We ha...
Abstract — We present and evaluate a new memory man-agement technique for eliminating memory leaks i...
We present a new technique and system, DIODE, for automatically generating inputs that trigger overf...
We present a new technique and system, DIODE, for auto-matically generating inputs that trigger over...
We present Targeted Automatic Patching (TAP), an automatic buffer and integer overflow discovery and...
We present a system, SIFT, for generating input filters that nullify integer overflow errors associa...
We present a system, SIFT, for generating input filters that nullify integer overflow errors associa...
Integer overflow bugs in C and C++ programs are difficult to track down and may lead to fatal errors...
Abstract — This paper outlines the recent work by the author to develop UQBTng, a tool capable of au...
Abstract-Integer overflow errors in C programs are difficult to detect since the C language specific...
Buffer overflow vulnerabilities are caused by programming errors that allow an attacker to cause the...
This paper presents a general approach for designing array and tree integer multipliers with overflo...
Multiplication of two n-bit integers produces a 2n-bit product. To allow the result to be stored in ...
Buffer overflows are the source of a vast majority of vulnerabilities in today’s software. Existing ...
Journal ArticleInteger overflow bugs in C and C++ programs are difficult to track down and may lead ...
Memory errors are a common cause of incorrect software execution and security vulnerabilities. We ha...
Abstract — We present and evaluate a new memory man-agement technique for eliminating memory leaks i...
We present a new technique and system, DIODE, for automatically generating inputs that trigger overf...
We present a new technique and system, DIODE, for auto-matically generating inputs that trigger over...
We present Targeted Automatic Patching (TAP), an automatic buffer and integer overflow discovery and...
We present a system, SIFT, for generating input filters that nullify integer overflow errors associa...
We present a system, SIFT, for generating input filters that nullify integer overflow errors associa...
Integer overflow bugs in C and C++ programs are difficult to track down and may lead to fatal errors...
Abstract — This paper outlines the recent work by the author to develop UQBTng, a tool capable of au...
Abstract-Integer overflow errors in C programs are difficult to detect since the C language specific...
Buffer overflow vulnerabilities are caused by programming errors that allow an attacker to cause the...
This paper presents a general approach for designing array and tree integer multipliers with overflo...
Multiplication of two n-bit integers produces a 2n-bit product. To allow the result to be stored in ...
Buffer overflows are the source of a vast majority of vulnerabilities in today’s software. Existing ...
Journal ArticleInteger overflow bugs in C and C++ programs are difficult to track down and may lead ...
Memory errors are a common cause of incorrect software execution and security vulnerabilities. We ha...
Abstract — We present and evaluate a new memory man-agement technique for eliminating memory leaks i...