Software Engineering Institute

Software vulnerabilities constitute a major threat to DoD. Memory violations are among the most common and most severe types of vulnerabilities. The main technique that we use (fat pointers) has been previously researched as a compiler pass to repair the intermediate representation (IR) of a program. Our work is novel in applying it as a source-code repair, which poses the difficulty of translating the repairs at the IR level back to source code.