search menu icon-carat-right cmu-wordmark

Automated Code Repair to Ensure Memory Safety (2019)

October 2019 Presentation
William Klieber

This presentation decribes an approach to automatically repair source doe to assure memory safety.

Publisher:

Software Engineering Institute

Abstract

A serious limitation in assuring the security of DoD software is the inability to take a codebase and either verify that it is memory safe or repair potential bugs to make it memory safe. Existing static analysis tools either report an enormous number of false alarms or fail to report true vulnerabilities. We propose to design and implement a technique for automatically repairing (in the source code) all potential violations of memory safety so that the program is provably memory safe.