The Interface Definition Language for Fail-Safe C (slides, .ppt)

  • About 19,300 characters
  • About 44 pages
  • Posted 2017-03-09 in Shanghai

International Symposium on Software Security

The Interface Definition Language for Fail-Safe C
Kohei Suenaga, Yutaka Oiwa, Eijiro Sumii, Akinori Yonezawa
University of Tokyo

In this presentation…
  • We introduce the IDL for Fail-Safe C
  • With our IDL, we can easily generate wrappers for external functions and safely interface Fail-Safe C with external functions
  • Our approach can be applied to other safe languages

Background: Fail-Safe C
  • A safe implementation of C
  • Translates C sources to fail-safe ones, inserting safety checks such as boundary checks
  • Ensures safety by focusing on the types of objects
  • Prevents programs from performing unsafe operations

Problems of Fail-Safe C: cooperation with external functions
  • Data representation problem: Fail-Safe C uses its own data representation, so external functions cannot be called directly
  • Safety problem: many external functions require preconditions for safety

Solution
  • Prepare a wrapper for each external function that checks the preconditions, converts the data representation, …

Approach: Interface Definition Language (IDL)
  • Describe the preconditions and behavior of external functions with the IDL

Outline of the Presentation
  • The safety that Fail-Safe C and our IDL guarantee
  • Internal data representation of Fail-Safe C
  • Wrappers' behavior
  • Experiment
  • Related work
  • Future work

The Safety Fail-Safe C Guarantees
If a program attempts to perform undefined behavior, Fail-Safe C aborts the program before the operation is performed.

Example (the slide's own code; the loop has no bound on either buffer, so an unterminated source or a too-short destination makes it read or write past the end of the object):

    void strcpy(char *s1, char *s2)
    {
        /* copies until a NUL byte; nothing bounds s1 or s2 */
        while (*s1++ = *s2++)
            ;
    }

Under Fail-Safe C, the first access that would step outside the object referenced by s1 or s2 aborts the program instead of being performed.

The Safety our IDL Guarantees
Two assumptions:
  • Fail-Safe C does not contain bugs, so the safety of Fail-Safe C holds just before a wrapper is called
  • Interface definitions correctly reflect the implementation of external function
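The slides describe wrappers only in outline (check preconditions, convert the representation, then call the external function). The C below is an added example, not code from the slides or from the Fail-Safe C project, showing what such a hand-written wrapper looks like for two libc functions. It assumes a hypothetical, deliberately simplified fat-pointer layout (base, offset, size); Fail-Safe C's actual internal representation and the wrappers its IDL generates are not reproduced here. A refused call returns a status rather than aborting, so the outcome can be inspected.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified fat-pointer layout used only for this example.
 * It is NOT Fail-Safe C's real internal representation. */
typedef struct {
    unsigned char *base;  /* start of the referenced object */
    size_t offset;        /* current byte offset into the object */
    size_t size;          /* total size of the object in bytes */
} fsc_ptr;

/* A wrapper either proceeds or refuses; refusal models Fail-Safe C aborting
 * before the unsafe operation would have been performed. */
typedef enum {
    FSC_OK = 0,
    FSC_FAIL_OOB = 1,             /* pointer or range not inside its object */
    FSC_FAIL_NOT_TERMINATED = 2   /* no NUL byte before the end of the object */
} fsc_status;

/* Wrapper for the external strlen(): its precondition is that a NUL byte
 * exists between the pointer and the end of the object. The wrapper checks
 * this, converts the fat pointer to a raw pointer, and only then calls out. */
fsc_status wrap_strlen(fsc_ptr s, size_t *out_len)
{
    if (s.base == NULL || s.offset >= s.size)
        return FSC_FAIL_OOB;
    size_t avail = s.size - s.offset;
    const unsigned char *raw = s.base + s.offset;   /* representation conversion */
    if (memchr(raw, '\0', avail) == NULL)
        return FSC_FAIL_NOT_TERMINATED;             /* strlen would read past the object */
    *out_len = strlen((const char *)raw);           /* external call, now known safe */
    return FSC_OK;
}

/* Wrapper for the external memcpy(): precondition is that n bytes fit inside
 * both the source and destination objects from their current offsets. */
fsc_status wrap_memcpy(fsc_ptr dst, fsc_ptr src, size_t n)
{
    if (dst.base == NULL || src.base == NULL)
        return FSC_FAIL_OOB;
    if (dst.offset > dst.size || n > dst.size - dst.offset)
        return FSC_FAIL_OOB;
    if (src.offset > src.size || n > src.size - src.offset)
        return FSC_FAIL_OOB;
    memcpy(dst.base + dst.offset, src.base + src.offset, n);
    return FSC_OK;
}

/* Constructed inputs exercising the wrappers; each returns a checkable value. */
long demo_strlen_terminated(void)
{
    unsigned char buf[8] = "hello";                /* NUL lies within the object */
    fsc_ptr p = { buf, 0, sizeof buf };
    size_t len = 0;
    return wrap_strlen(p, &len) == FSC_OK ? (long)len : -1;
}

int demo_strlen_unterminated(void)
{
    unsigned char buf[4] = { 'a', 'b', 'c', 'd' }; /* no NUL anywhere in the object */
    fsc_ptr p = { buf, 0, sizeof buf };
    size_t len = 0;
    return (int)wrap_strlen(p, &len);              /* refused: FSC_FAIL_NOT_TERMINATED */
}

int demo_memcpy_overflow(void)
{
    unsigned char dst[4] = { 0 }, src[16] = { 0 };
    fsc_ptr d = { dst, 2, sizeof dst }, s = { src, 0, sizeof src };
    return (int)wrap_memcpy(d, s, 8);              /* 8 bytes at offset 2 of a 4-byte object: refused */
}

int demo_memcpy_in_bounds(void)
{
    unsigned char dst[8] = { 0 }, src[8] = "ABCDEFG";
    fsc_ptr d = { dst, 4, sizeof dst }, s = { src, 0, sizeof src };
    if (wrap_memcpy(d, s, 4) != FSC_OK)
        return -1;
    return memcmp(dst + 4, "ABCD", 4) == 0;        /* 1 when the copy landed where expected */
}

int main(void)
{
    printf("strlen(terminated)   -> %ld\n", demo_strlen_terminated());
    printf("strlen(unterminated) -> status %d\n", demo_strlen_unterminated());
    printf("memcpy(overflow)     -> status %d\n", demo_memcpy_overflow());
    printf("memcpy(in bounds)    -> %d\n", demo_memcpy_in_bounds());
    return 0;
}
```

The two wrappers make the slides' point concrete: every precondition that libc merely documents (NUL termination for strlen, non-overlapping ranges of sufficient size for memcpy) has to become an explicit check on the fat pointer before the raw pointer is handed to the external code, because once the call is made the safe language can no longer intervene. An IDL that records these preconditions per function is what lets such wrappers be generated instead of written by hand, which is the gap the presentation addresses.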
