skip to main content
article
Free Access

Flow-insensitive type qualifiers

Published:01 November 2006Publication History
Skip Abstract Section

Abstract

We describe flow-insensitive type qualifiers, a lightweight, practical mechanism for specifying and checking properties not captured by traditional type systems. We present a framework for adding new, user-specified type qualifiers to programming languages with static type systems, such as C and Java. In our system, programmers add a few type qualifier annotations to their program, and automatic type qualifier inference determines the remaining qualifiers and checks the annotations for consistency. We describe a tool CQual for adding type qualifiers to the C programming language. Our tool CQual includes a visualization component for displaying browsable inference results to the programmer. Finally, we present several experiments using our tool, including inferring const qualifiers, finding security vulnerabilities in several popular C programs, and checking initialization data usage in the Linux kernel. Our results suggest that inference and visualization make type qualifiers lightweight, that type qualifier inference scales to large programs, and that type qualifiers are applicable to a wide variety of problems.

References

  1. Abadi, M., Banerjee, A., Heintze, N., and Riecke, J. G. 1999. A core calculus of dependency. In Proceedings of the 26th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Language (San Antonio, TX). ACM, New York, 147--160.]] Google ScholarGoogle Scholar
  2. Aiken, A., Foster, J. S., Kodumal, J., and Terauchi, T. 2003. Checking and inferring local non-aliasing. In Proceedings of the 2003 ACM SIGPLAN Conference on Programming Language Design and Implementation (San Diego, CA). ACM, New York, 129--140.]] Google ScholarGoogle Scholar
  3. Ansi 1989. Rationale for American National Standard for Information Systems---Programming Language---C. ANSI. Associated with ANSI standard X3.159-1989.]]Google ScholarGoogle Scholar
  4. Ansi 1999. Programming languages---C. ANSI/ISO/IEC 9899:1999.]]Google ScholarGoogle Scholar
  5. Bailleux, C. 2000. More security problems in bftpd-1.0.12. BugTraq Mailing List. http://www.securityfocus.com/archive/1/149977.]]Google ScholarGoogle Scholar
  6. Ball, T., Naik, M., and Rajamani, S. K. 2003. From symptom to cause: Localizing errors in counterexample traces. In Proceedings of the 30th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (New Orleans, LA), ACM, New York, 97--105.]] Google ScholarGoogle Scholar
  7. Ball, T. and Rajamani, S. K. 2001. Automatically validating temporal safety properties of interfaces. In Proceedings of the 8th International SPIN Workshop on Model Checking of Software. Lecture Notes in Computer Science, vol. 2057, Springer-Verlag, New York, 103--122.]] Google ScholarGoogle Scholar
  8. Ball, T. and Rajamani, S. K. 2002. The SLAM project: Debugging system software via static analysis. In Proceedings of the 29th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (Portland, OR). ACM, New York, 1--3.]] Google ScholarGoogle Scholar
  9. Bishop, M. and Dilger, M. 1996. Checking for race conditions in file accesses. Comput. Syst. 2, 2, 131--152.]]Google ScholarGoogle Scholar
  10. Broadwell, P., Harren, M., and Sastry, N. 2003. Scrash: A system for generating secure crash information. In Proceedings of the 12th Usenix Security Symposium (Washington, DC).]] Google ScholarGoogle Scholar
  11. Bush, W. R., Pincus, J. D., and Sielaff, D. J. 2000. A static analyzer for finding dynamic programming errors. Softw.---Pract. Exper. 30, 7 (June), 775--802.]] Google ScholarGoogle Scholar
  12. Cert. 2001. CERT Advisory CA-2001-19 “Code Red” worm exploiting buffer overflow In IIS indexing service DLL. http://www.cert.org/advisories/CA-2001-19.html.]]Google ScholarGoogle Scholar
  13. Chandra, S. and Reps, T. W. 1999. Physical type checking for C. In Proceedings of the ACM SIGPLAN/SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (Toulouse, France). ACM, New York, 66--75.]] Google ScholarGoogle Scholar
  14. Chin, B., Markstrum, S., and Millstein, T. 2005. Semantic type qualifiers. In Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation (Chicago, IL). ACM, New York.]] Google ScholarGoogle Scholar
  15. Cousot, P. and Cousot, R. 1977. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the 4th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. ACM, New York, 238--252.]] Google ScholarGoogle Scholar
  16. Cowan, C., Barringer, M., Beattie, S., and Kroah-Hartman, G. 2001. FormatGuard: Automatic protection from print format string vulnerabilities. In Proceedings of the 10th Usenix Security Symposium (Washington, DC).]] Google ScholarGoogle Scholar
  17. Das, M., Lerner, S., and Seigle, M. 2002. ESP: Path-sensitive program verification in polynomial time. In Proceedings of the 2002 ACM SIGPLAN Conference on Programming Language Design and Implementation (Berlin, Germany). ACM, New York, 57--68.]] Google ScholarGoogle Scholar
  18. Das, M., Liblit, B., Fähndrich, M., and Rehof, J. 2001. Estimating the impact of scalable pointer analysis on optimization. In Static Analysis, Eighth International Symposium (Paris, France), P. Cousot, Ed. Lecture Notes in Computer Science, vol. 2126. Springer-Verlag, New York.]] Google ScholarGoogle Scholar
  19. Davey, B. A. and Priestley, H. A. 1990. Introduction to Lattices and Order. Cambridge University Press.]]Google ScholarGoogle Scholar
  20. DeKok, A. 2000. PScan: A limited problem scanner for C source files. http://www.striker.ottawa.on.ca/~aland/pscan.]]Google ScholarGoogle Scholar
  21. DeLine, R. and Fähndrich, M. 2001. Enforcing high-level protocols in low-level software. In Proceedings of the 2001 ACM SIGPLAN Conference on Programming Language Design and Implementation (Snowbird, UT). ACM, New York, 59--69.]] Google ScholarGoogle Scholar
  22. Denning, D. E. 1976. A lattice model of secure information flow. Commun. ACM 19, 5 (May), 236--243.]] Google ScholarGoogle Scholar
  23. Detlefs, D. L., Leino, K. R. M., Nelson, G., and Saxe, J. B. 1998. Extended static checking. Tech. Rep. 159, Compaq Systems Research Center. Dec.]]Google ScholarGoogle Scholar
  24. Dussart, D., Henglein, F., and Mossin, C. 1995. Polymorphic recursion and subtype qualifications: Polymorphic binding-time analysis in polynomial time. In Static Analysis, Second International Symposium (Glasgow, Scotland), A. Mycroft, Ed. Lecture Notes in Computer Science, vol. 983. Springer-Verlag, New York, 118--135.]] Google ScholarGoogle Scholar
  25. Eifrig, J., Smith, S., and Trifonov, V. 1995. Type inference for recursively constrained types and its application to OOP. In Mathematical Foundations of Programming Semantics, Eleventh Annual Conference. Electronic Notes in Theoretical Computer Science, vol. 1. Elsevier-North Holland, Amsterdam, The Netherlands.]]Google ScholarGoogle Scholar
  26. Engler, D., Chelf, B., Chou, A., and Hallem, S. 2000. Checking system rules using system-specific, programmer-written compiler extensions. In Proceedings of the 4th Symposium on Operating System Design and Implementation (San Diego, CA).]] Google ScholarGoogle Scholar
  27. Evans, D. 1996. Static detection of dynamic memory errors. Proceedings of the 1996 ACM SIGPLAN Conference on Programming Language Design and Implementation (Philadelphia, PA). ACM, New York, 44--53.]] Google ScholarGoogle Scholar
  28. Fähndrich, M. 1999. BANE: A library for scalable constraint-based program analysis. Ph.D. thesis, University of California, Berkeley.]]Google ScholarGoogle Scholar
  29. Fähndrich, M. and DeLine, R. 2002. Adoption and focus: Practical linear types for imperative programming. Proceedings of the 2002 ACM SIGPLAN Conference on Programming Language Design and Implementation (Berlin, Germany). ACM, New York, 13--24.]] Google ScholarGoogle Scholar
  30. Fähndrich, M., Foster, J. S., Su, Z., and Aiken, A. 1998. Partial online cycle elimination in inclusion constraint graphs. In Proceedings of the 1998 ACM SIGPLAN Conference on Programming Language Design and Implementation (Montreal, Ont., Canada). ACM, New York, 85--96.]] Google ScholarGoogle Scholar
  31. Flanagan, C., Flatt, M., Krishnamurthi, S., Weirich, S., and Felleisen, M. 1996. Catching bugs in the web of program invariants. Proceedings of the 1996 ACM SIGPLAN Conference on Programming Language Design and Implementation (Philadelphia, PA). ACM, New York, 23--32.]] Google ScholarGoogle Scholar
  32. Flanagan, C. and Leino, K. R. M. 2001. Houdini, an annotation assitant for ESC/Java. In FME 2001: Formal Methods for Increasing Software Productivity, International Symposium of Formal Methods (Berlin, Germany) J. N. Oliverira and P. Zave, Eds. Lecture Notes in Computer Science, vol. 2021. Springer-Verlag, New York, 500--517.]] Google ScholarGoogle Scholar
  33. Flanagan, C., Leino, K. R. M., Lillibridge, M., Nelson, G., Saxe, J. B., and Stata, R. 2002. Extended static checking for Java. Proceedings of the 2002 ACM SIGPLAN Conference on Programming Language Design and Implementation (Berlin, Germany). ACM, New York, 234--245.]] Google ScholarGoogle Scholar
  34. Foster, J. S. 2002. Type qualifiers: Lightweight specifications to improve software quality. Ph.D. dissertation, University of California, Berkeley, Berkeley, CA.]] Google ScholarGoogle Scholar
  35. Foster, J. S., Fähndrich, M., and Aiken, A. 1999. A theory of type qualifiers. In Proceedings of the 1999 ACM SIGPLAN Conference on Programming Language Design and Implementation (Atlanta, GA). ACM, New York, 192--203.]] Google ScholarGoogle Scholar
  36. Foster, J. S., Terauchi, T., and Aiken, A. 2002. Flow-sensitive type qualifiers. In Proceedings of the 2002 ACM SIGPLAN Conference on Programming Language Design and Implementation (Berlin, Germany). ACM, New York, 1--12.]] Google ScholarGoogle Scholar
  37. Frasunek, P. 2001a. format string vulnerability in mars_nwe 0.99pl19. http://online.securityfocus.com/archive/1/158959.]]Google ScholarGoogle Scholar
  38. Frasunek, P. 2001b. ports/24733: mars_nwe remote format string vulnerability. http://groups.google.com/groups?q=mars_nwe+vulnerability&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=9566si%24gpv%241%40FreeBSD.csie.NCTU.edu.tw&rnum=1.]]Google ScholarGoogle Scholar
  39. Freeman, T. and Pfenning, F. 1991. Refinement types for ML. In Proceedings of the 1991 ACM SIGPLAN Conference on Programming Language Design and Implementation (Toronto, Ont., Canada). ACM, New York, 268--277.]] Google ScholarGoogle Scholar
  40. Gates, B. 2002. Trustworthy computing. Microsoft internal memo. Available at http://www.theregister.co.uk/content/4/23715.html.]]Google ScholarGoogle Scholar
  41. Gay, D. and Aiken, A. 2001. Language support for regions. In Proceedings of the 2001 ACM SIGPLAN Conference on Programming Language Design and Implementation (Snowbird, UT). ACM, New York, 70--80.]] Google ScholarGoogle Scholar
  42. Gifford, D. K., Jouvelot, P., Lucassen, J. M., and Sheldon, M. A. 1987. FX-87 Reference Manual. Tech. Rep. MIT/LCS/TR-407, MIT Laboratory for Computer Science. Sept.]]Google ScholarGoogle Scholar
  43. Greenfieldboyce, D. and Foster, J. S. 2004. Visualizing type qualifier inference with eclipse. In Proceedings of the Workshop on Eclipse Technology eXchange (Vancouver, B.C., Canada). ACM, New York.]] Google ScholarGoogle Scholar
  44. Grossman, D., Morrisett, G., Jim, T., Hicks, M., Wang, Y., and Cheney, J. 2002. Region-based memory management in cyclone. Proceedings of the 2002 ACM SIGPLAN Conference on Programming Language Design and Implementation (Berlin, Germany). ACM, New York, 282--293.]] Google ScholarGoogle Scholar
  45. Grossman, D., Morrisett, G., Wang, Y., Jim, T., Hicks, M., and Cheney, J. 2001. Cyclone user's manual. Tech. Rep. 2001-1855, Department of Computer Science, Cornell University. Nov.]] Google ScholarGoogle Scholar
  46. Hallem, S., Chelf, B., Xie, Y., and Engler, D. 2002. A system and language for building system-specific, static analyses. In Proceedings of the 2002 ACM SIGPLAN Conference on Programming Language Design and Implementation (Berlin, Germany). ACM, New York, 69--82.]] Google ScholarGoogle Scholar
  47. Harrelson, C. 2001. Program analysis mode. http://www.cs.berkeley.edu/~chrishtr/pam.]]Google ScholarGoogle Scholar
  48. Heintze, N. and Tardieu, O. 2001. Ultra-fast aliasing analysis using CLA: A million lines of C code in a second. In Proceedings of the 2001 ACM SIGPLAN Conference on Programming Language Design and Implementation (Snowbird, UT). ACM, New York, 254--263.]] Google ScholarGoogle Scholar
  49. Henglein, F. 1991. Efficient type inference for higher-order binding-time analysis. In FPCA '91 Conference on Functional Programming Languages and Computer Architecture (Cambridge, MA), J. Hughes, Ed. Lecture Notes in Computer Science, vol. 523. Springer-Verlag, New York, 448--472.]] Google ScholarGoogle Scholar
  50. Henglein, F. 1993. Type inference with polymorphic recursion. ACM Trans. Prog. Lang. Syst. 15, 2 (Apr.), 253--289.]] Google ScholarGoogle Scholar
  51. Henrion, M. 2000. MUH IRC bouncer remote vulnerability. FreeBSD-SA-00:57. http://www.securityfocus.com/advisories/2741.]]Google ScholarGoogle Scholar
  52. Henzinger, T. A., Jhala, R., Majumdar, R., and Sutre, G. 2002. Lazy abstraction. In Proceedings of the 29th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (Portland, OR). ACM, New York, 58--70.]] Google ScholarGoogle Scholar
  53. Horwitz, S., Reps, T., and Sagiv, M. 1995. Demand interprocedural dataflow analysis. In Proceedings of the 3rd Symposium on the Foundations of Software Engineering (Washington, DC), 104--115.]] Google ScholarGoogle Scholar
  54. Huuskonen, J. 2000a. Possibility for format char errors in syslog call. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=17349.]]Google ScholarGoogle Scholar
  55. Huuskonen, J. 2000b. Some possible format string errors. Linux security audit project mailing list. http://www2.merton.ox.ac.uk/~security/security-audit-200009/0118.html.]]Google ScholarGoogle Scholar
  56. Huuskonen, J. 2000c. syslog(prio, buf) in mars_nwe. Linux security audit project mailing list. http://www2.merton.ox.ac.uk/~security/security-audit-200009/0136.html.]]Google ScholarGoogle Scholar
  57. Johnson, R. and Wagner, D. 2004. Finding user/kernel bugs with type inference. In Proceedings of the 13th Usenix Security Symposium (San Diego, CA).]] Google ScholarGoogle Scholar
  58. Klarlund, N. and Schwartzbach, M. I. 1993. Graph types. In Proceedings of the 20th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (Charleston, SC). ACM, New York, 196--205.]] Google ScholarGoogle Scholar
  59. Larochelle, D. and Evans, D. 2001. Statically detecting likely buffer overflow vulnerabilities. In Proceedings of the 10th Usenix Security Symposium (Washington, DC).]] Google ScholarGoogle Scholar
  60. Leino, K. R. M. and Nelson, G. 1998. An extended static checker for modula-3. In Compiler Construction, 7th International Conference (Lisbon, Portugal). K. Koskimies, Ed. Lecture Notes in Computer Science, vol. 1383. Springer-Verlag, New York, 302--305.]] Google ScholarGoogle Scholar
  61. Liblit, B. and Aiken, A. 2000. Type systems for distributed data structures. In Proceedings of the 27th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (Boston, MA). ACM, New York, 199--213.]] Google ScholarGoogle Scholar
  62. Lucassen, J. M. and Gifford, D. K. 1988. Polymorphic effect systems. In Proceedings of the 15th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (San Diego, CA). ACM, New York, 47--57.]] Google ScholarGoogle Scholar
  63. Mandelbaum, Y., Walker, D., and Harper, R. 2003. An effective theory of type refinements. In Proceedings of the 8th ACM SIGPLAN International Conference on Functional Programming (Uppsala, Sweden). ACM, New York, 213--225.]] Google ScholarGoogle Scholar
  64. Mars Climate Orbiter Mishap Investigation Board. 1999. Phase I Report. ftp://ftp.hq.nasa.gov/pub/pao/reports/1999/MCO_report.pdf.]]Google ScholarGoogle Scholar
  65. Milner, R. 1978. A theory of type polymorphism in programming. J. Comput. Syst. Sci. 17, 348--375.]]Google ScholarGoogle Scholar
  66. Mitchell, J. C. 1991. Type inference with simple subtypes. J. Funct. Prog. 1, 3 (July), 245--285.]]Google ScholarGoogle Scholar
  67. Møller, A. and Schwartzbach, M. I. 2001. The pointer assertion logic engine. In Proceedings of the 2001 ACM SIGPLAN Conference on Programming Language Design and Implementation (Snowbird, UT). ACM, New York, 221--231.]] Google ScholarGoogle Scholar
  68. Mossin, C. 1996. Flow analysis of typed higher-order programs. Ph.D. dissertation. DIKU, Department of Computer Science, University of Copenhagen.]]Google ScholarGoogle Scholar
  69. Necula, G., McPeak, S., and Weimer, W. 2002. CCured: Type-safe retrofitting of legacy code. In Proceedings of the 29th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (Portland, OR). ACM, New York, 128--139.]] Google ScholarGoogle Scholar
  70. Newsham, T. 2000. Format string attacks. http://online.securityfocus.com/guest/3342.]]Google ScholarGoogle Scholar
  71. NIST. 2002. The economic impacts of inadequate infrastructure for software testing. NIST Planning Report 02-3. http://www.nist.gov/director/prog-ofc/report02-3.pdf.]]Google ScholarGoogle Scholar
  72. Odersky, M., Sulzmann, M., and Wehr, M. 1997. Type inference with constrained types. In Proceedings of the 4th International Workshop on Foundations of Object-Oriented Languages, B. Pierce, Ed.]]Google ScholarGoogle Scholar
  73. Ørbæk, P. and Palsberg, J. 1997. Trust in the λ-calculus. J. Funct. Prog. 3, 2, 75--85.]]Google ScholarGoogle Scholar
  74. Pierce, B. C. 2002. Types and Programming Languages. MIT Press, Cambridge, MA.]] Google ScholarGoogle Scholar
  75. PITAC. 1999. President's Information Technology Advisory Committee Report to the President. http://www.ccic.gov/ac/report.]]Google ScholarGoogle Scholar
  76. Pratikakis, P., Spacco, J., and Hicks, M. 2004. Transparent proxies for Java futures. In Proceedings of the 19th Annual Conference on Object-Oriented Programming Systems, Languages, and Applications. 206--223.]] Google ScholarGoogle Scholar
  77. Pratt, V. and Tiuryn, J. 1996. Satisfiability of inequalities in a poset. Funda. Inf. 28, 1-2, 165--182.]] Google ScholarGoogle Scholar
  78. Rehof, J. and Fähndrich, M. 2001. Type-based flow analysis: From polymorphic subtyping to CFL-reachability. In Proceedings of the 28th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (London, United Kingdom). ACM, New York, 54--66.]] Google ScholarGoogle Scholar
  79. Rehof, J. and Mogensen, T. Æ. 1996. Tractable constraints in finite semilattices. In Static Analysis, Third International Symposium (Aachen, Germany). R. Cousot and D. A. Schmidt, Eds. Lecture Notes in Computer Science, vol. 1145. Springer-Verlag, New York, 285--300.]] Google ScholarGoogle Scholar
  80. Reps, T., Horwitz, S., and Sagiv, M. 1995. Precise interprocedural dataflow analysis via graph reachability. In Proceedings of the 22nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (San Francisco, CA). ACM, New York, 49--61.]] Google ScholarGoogle Scholar
  81. Robbins, T. J. 2001. Libformat--Protection against format string attacks. http://www.wiretapped.net/~fyre/software/libformat.html.]]Google ScholarGoogle Scholar
  82. Sagiv, M., Reps, T., and Wilhelm, R. 1999. Parametric shape analysis via 3-valued logic. In Proceedings of the 26th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (San Antonio, TX). ACM, New York, 105--118.]] Google ScholarGoogle Scholar
  83. Savola, P. 2000. Very probable remote root vulnerability in cfengine. BugTraq mailing list. http://www.securityfocus.com/archive/1/136751.]]Google ScholarGoogle Scholar
  84. Shankar, U., Talwar, K., Foster, J. S., and Wagner, D. 2001. Detecting format string vulnerabilities with type qualifiers. In Proceedings of the 10th Usenix Security Symposium (Washington, DC).]] Google ScholarGoogle Scholar
  85. Skalka, C. and Smith, S. 2000. Static enforcement of security with types. In Proceedings of the 5th ACM SIGPLAN International Conference on Functional Programming (Montreal, Que., Canada) ACM, New York, 34--45.]] Google ScholarGoogle Scholar
  86. Smith, G. and Volpano, D. 1998. Secure information flow in a multi-threaded imperative language. In Proceedings of the 25th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (San Diego, CA). ACM, New York, 355--364.]] Google ScholarGoogle Scholar
  87. Solberg, K. L. 1995. Annotated type systems for program analysis. Ph.D. dissertation. Aarhus University, Denmark, Computer Science Department.]]Google ScholarGoogle Scholar
  88. Stroustrup, B. 2005. C++ style and technique FAQ. http://www.research.att.com/~bs/bs_faq2.html#constplacement.]]Google ScholarGoogle Scholar
  89. Viega, J., Bloch, J., Kohno, T., and McGraw, G. 2000. ITS4: A static vulnerability scanner for C and C++ Code. In Proceedings of the 16th Annual Computer Security Applications Conference. http://www.acsac.org.]] Google ScholarGoogle Scholar
  90. Volpano, D. and Smith, G. 1997. A type-based approach to program security. In Theory and Practice of Software Development, 7th International Joint Conference (Lille, France). M. Bidoit and M. Dauchet, Eds. Lecture Notes in Computer Science, vol. 1214. Springer-Verlag, New York, 607--621.]] Google ScholarGoogle Scholar
  91. Wall, L., Christiansen, T., and Orwant, J. 2000. Programming Perl, 3rd Edition ed. O'Reilly & Associates.]] Google ScholarGoogle Scholar
  92. Wright, A. K. 1995. Simple imperative polymorphism. In LISP and Symbolic Computation 8. Vol. 4. 343--356.]] Google ScholarGoogle Scholar
  93. Wright, A. K. and Felleisen, M. 1994. A syntactic approach to type soundness. Inf. Comput. 115, 1, 38--94.]] Google ScholarGoogle Scholar
  94. Yang, J., Kremenek, T., Xie, Y., and Engler, D. 2003. MECA: An extensible, expressive system and language for statically checking security properties. In Proceedings of the 10th ACM Conference on Computer and Communication Security (Washington, DC). ACM, New York, 321--334.]] Google ScholarGoogle Scholar
  95. Yelick, K., Semenzato, L., Pike, G., Miyamoto, C., Liblit, B., Krishnamurthy, A., Hilfinger, P., Graham, S., Gay, D., Colella, P., and Aiken, A. 1998. Titanium: A high-performance Java dialect. In Proceedings of the ACM 1998 Workshop on Java for High-Performance Network Computing. ACM, New York.]]Google ScholarGoogle Scholar
  96. Yong, S. H., Horwitz, S., and Reps, T. 1999. Pointer analysis for programs with structures and casting. In Proceedings of the 1999 ACM SIGPLAN Conference on Programming Language Design and Implementation (Atlanta, CA). ACM, New York, 91--103.]] Google ScholarGoogle Scholar
  97. Zhang, X., Edwards, A., and Jaeger, T. 2002. Using CQUAL for static analysis of authorization hook placement. In Proceedings of the 11th Usenix Security Symposium (San Francisco, CA).]] Google ScholarGoogle Scholar

Index Terms

  1. Flow-insensitive type qualifiers

                  Recommendations

                  Comments

                  Login options

                  Check if you have access through your login credentials or your institution to get full access on this article.

                  Sign in

                  Full Access

                  PDF Format

                  View or Download as a PDF file.

                  PDF

                  eReader

                  View online with eReader.

                  eReader
                  About Cookies On This Site

                  We use cookies to ensure that we give you the best experience on our website.

                  Learn more

                  Got it!