A simplified integer overflow detection method based on path relaxation is described for avoiding buffer overflows triggered by integer overflows. An integer overflow that affects the size of a dynamically allocated buffer is the kind most likely to trigger a buffer overflow. Based on this observation, the solution uses lightweight static program analysis to trace the key variables that determine the size of a dynamically allocated buffer, and it maintains the upper and lower bounds of these variables. After the constraint information for these traced variables is inserted into the original program, the method tests the program with test cases through path relaxation: it reports not only the errors revealed by the current runtime values of the traced variables in the test case, but also the errors that could occur on the same execution path under all possible values of the traced variables. The effectiveness of this method is demonstrated in a case study. Compared with traditional buffer overflow detection methods, this method reduces the burden of detection and improves efficiency.
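By studying a representative example of transforming a UML/MARTE (Unified Modeling Language / Modeling and Analysis of Real-Time and Embedded Systems) model into a FIACRE (Intermediate Format for the Architectures of Embedded Distributed Components) formal model, this paper examines the problem of transformation between heterogeneous models at the semantic and syntactic levels. At the semantic level, semantic mapping rules are constructed using model transformation techniques to realize the transformation between metalanguages. At the syntactic level, the concrete syntax of the metamodel is constructed to reflect the syntax rules of the metalanguage, thereby producing the program entities of the target model. Based on this case study, the framework and key techniques of a general transformation approach are explored, and the advantages, disadvantages and practicality of the transformation work are discussed.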