Abstract
The C integer types are prone to errors due to unchecked casting that can leave programs vulnerable to a host of security exploits. These errors manifest themselves when there is a semantic disconnect between the programmer’s view of the language and the actual implementation of the programming language. To help detect these errors, we are developing a C integer type safety checking tool written in ACL2. This paper presents the justification and fundamental logic behind the tool, the basic operations of the tool, and a discussion of future plans.
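As an added illustration (not code from the paper or its ACL2 tool), here is the kind of semantic disconnect the abstract describes: a bounds check written in `int` that a negative length passes, followed by an implicit, unchecked `int` to `size_t` conversion at the copy call, next to explicit checked conversions that make the programmer's intent visible. `BUF_SIZE` and the function names are assumptions for this example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define BUF_SIZE 16   /* constructed buffer size for the example */

/* Result of a checked conversion: either the value is representable in the
 * target type (ok == true) or the conversion is rejected. */
typedef struct { bool ok; size_t value; } size_conv;
typedef struct { bool ok; int value; } int_conv;

/* Explicit int -> size_t conversion: a negative int has no size_t meaning. */
size_conv int_to_size(int v) {
    size_conv r = { v >= 0, v >= 0 ? (size_t)v : 0 };
    return r;
}

/* Explicit size_t -> int conversion: rejects values above INT_MAX instead
 * of silently wrapping to a negative number (implementation-defined in C). */
int_conv size_to_int(size_t v) {
    bool fits = v <= (size_t)INT_MAX;
    int_conv r = { fits, fits ? (int)v : 0 };
    return r;
}

/* Vulnerable pattern: the programmer's view is "len is at most BUF_SIZE, so
 * the copy fits".  The check is done in int, so len == -1 passes it; the
 * implicit conversion to memcpy's size_t parameter then turns -1 into
 * SIZE_MAX.  This function performs no copy; it only reports the byte count
 * memcpy would have been handed. */
bool unsafe_accepts(int len, size_t *bytes_passed) {
    if (len > BUF_SIZE)
        return false;
    *bytes_passed = (size_t)len;   /* unchecked conversion: -1 -> SIZE_MAX */
    return true;
}

/* Hardened pattern: convert explicitly, then bound-check in size_t. */
bool safe_accepts(int len, size_t *bytes_passed) {
    size_conv c = int_to_size(len);
    if (!c.ok || c.value > BUF_SIZE)
        return false;
    *bytes_passed = c.value;
    return true;
}
```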
© 2013 Springer-Verlag Berlin Heidelberg
Cite this paper
Krause, K., Alves-Foss, J. (2013). On Designing an ACL2-Based C Integer Type Safety Checking Tool. In: Brat, G., Rungta, N., Venet, A. (eds) NASA Formal Methods. NFM 2013. Lecture Notes in Computer Science, vol 7871. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38088-4_36
DOI: https://doi.org/10.1007/978-3-642-38088-4_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38087-7
Online ISBN: 978-3-642-38088-4