Paper notes: A first step towards automated detection of buffer overrun vulnerabilities

Title: A first step towards automated detection of buffer overrun vulnerabilities (BOON)
PDF: 24dcd918253f6a44a43ac6612294397f.pdf

I was looking at BOON lately and it has a nice integrated and reusable range solver to check constraints for integer variables. Much faster and scalable than an SMT solver, although imprecise since it is path insensitive.

See BOON’s implementation for the range solver; specifically files boon-1.0/{newsolver.c, constraint-set.sml}.

Original Twitter link: https://twitter.com/_argp/statuses/512231214153871360