Abstract
A new program analysis is presented, and two compile-time methods for this analysis are given. The analysis attempts to answer the question: “Given some trustworthy and some untrustworthy input, can we trust the value of a given variable after execution of some code?” The analyses are based on an abstract interpretation framework and a constraint generation framework respectively. The analyses are proved safe with respect to an instrumented semantics. We explicitly deal with a language with pointers and possible aliasing problems. The constraint-based analysis is related directly to the abstract interpretation and therefore indirectly to the instrumented semantics.
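The question the abstract poses, worked through as an added example (this is not the paper's analysis nor any code from it): a toy abstract interpretation over a two-point trust lattice for a constructed language with pointers, where a store through a pointer that may alias several variables is a weak update that taints all of them, while a store through a uniquely-pointed variable is a strong update. The statement and expression forms, INPUTS and PROGRAM are all assumptions made here.

```python
from functools import reduce
TRUSTED, UNTRUSTED = "trusted", "untrusted"   # two-point trust lattice, TRUSTED below UNTRUSTED

def join(a, b):  # a value is trusted only if every value flowing into it is
    return TRUSTED if a == TRUSTED and b == TRUSTED else UNTRUSTED

def eval_expr(e, env, pts):  # e: ("const", v) | ("var", x) | ("plus", e1, e2) | ("deref", p)
    if e[0] in ("const", "var"):
        return TRUSTED if e[0] == "const" else env[e[1]]
    if e[0] == "plus":
        return join(eval_expr(e[1], env, pts), eval_expr(e[2], env, pts))
    targets = pts.get(e[1], set())  # *p: untrusted if any possible target of p is, or p is unknown
    return reduce(join, (env[t] for t in targets), TRUSTED) if targets else UNTRUSTED

def exec_stmt(s, env, pts):
    env, pts = dict(env), {p: set(t) for p, t in pts.items()}   # pts: may-point-to sets
    if s[0] == "assign":                        # x := e
        env[s[1]] = eval_expr(s[2], env, pts)
    elif s[0] == "addr":                        # p := &x
        pts[s[1]] = {s[2]}
    elif s[0] == "store":                       # *p := e
        val, targets = eval_expr(s[2], env, pts), pts.get(s[1], set())
        if len(targets) == 1:                   # unique target: strong update
            env[next(iter(targets))] = val
        else:                                   # may-alias: weak update keeps the old trust
            for t in targets:
                env[t] = join(env[t], val)
    elif s[0] == "if":                          # if ? then s1 else s2: join both branch states
        env1, pts1 = exec_block(s[1], env, pts)
        env2, pts2 = exec_block(s[2], env, pts)
        env = {x: join(env1.get(x, UNTRUSTED), env2.get(x, UNTRUSTED)) for x in env1.keys() | env2.keys()}
        pts = {p: pts1.get(p, set()) | pts2.get(p, set()) for p in pts1.keys() | pts2.keys()}
    return env, pts

def exec_block(stmts, env, pts):  # returns (trust of each variable, points-to sets) after stmts
    for s in stmts:
        env, pts = exec_stmt(s, env, pts)
    return env, pts

# Constructed sample: a and b hold trusted data, u came from an untrusted source.
INPUTS = {"a": TRUSTED, "b": TRUSTED, "u": UNTRUSTED}
PROGRAM = [
    ("addr", "p", "a"),                                    # p := &a
    ("if", [("addr", "p", "b")], []),                      # one path sets p := &b, so p may alias a or b
    ("store", "p", ("var", "u")),                          # *p := u taints both possible targets
    ("assign", "c", ("plus", ("var", "a"), ("const", 1))), # c := a + 1 inherits a's (un)trust
    ("addr", "q", "b"),                                    # q := &b, a unique target
    ("store", "q", ("const", 0)),                          # *q := 0 is a strong update: b trusted again
]
```

Running `exec_block(PROGRAM, INPUTS, {})` reports a and c as untrusted because the analysis cannot rule out that the store through p hit a, while b is trusted again after the strong update through q.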
Basic Research in Computer Science, Dept. of Comp. Sci., University of Aarhus, Denmark, Centre of the Danish National Research Foundation.
Keywords
- Constraint Generation
- Abstract Interpretation
- Constraint Variable
- Structural Induction
- Constraint Analysis
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
Cite this paper
Ørbæk, P. (1995). Can you trust your data. In: Mosses, P.D., Nielsen, M., Schwartzbach, M.I. (eds) TAPSOFT '95: Theory and Practice of Software Development. CAAP 1995. Lecture Notes in Computer Science, vol 915. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-59293-8_221
DOI: https://doi.org/10.1007/3-540-59293-8_221
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-59293-8
Online ISBN: 978-3-540-49233-7