Logo des Repositoriums
 

Source Code Patterns of Buffer Overflow Vulnerabilities in Firefox

Kurzanzeige
dc.contributor.authorSchuckert, Felix
dc.contributor.authorHildner, Max
dc.contributor.authorKatt, Basel
dc.contributor.authorLangweg, Hanno
dc.contributor.editorLangweg, Hanno
dc.contributor.editorMeier, Michael
dc.contributor.editorWitt, Bernhard C.
dc.contributor.editorReinhardt, Delphine
dc.date.accessioned2018-03-22T12:40:43Z
dc.date.available2018-03-22T12:40:43Z
dc.date.issued2018
dc.description.abstractWe investigated 50 randomly selected buffer overflow vulnerabilities in Firefox. The source code of these vulnerabilities and the corresponding patches were manually reviewed and patterns were identified. Our main contribution are taxonomies of errors, sinks and fixes seen from a developer's point of view. The results are compared to the CWE taxonomy with an emphasis on vulnerability details. Additionally, some ideas are presented on how the taxonomy could be used to improve the software security education.en
dc.identifier.doi10.18420/sicherheit2018_08
dc.identifier.isbn978-3-88579-675-6
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/16298
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofSICHERHEIT 2018
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-281
dc.subjectBuffer Overflow
dc.subjectSource Code Patterns
dc.subjectVulnerabilities
dc.subjectCode Analysis
dc.titleSource Code Patterns of Buffer Overflow Vulnerabilities in Firefoxen
dc.typeText/Conference Paper
gi.citation.endPage118
gi.citation.publisherPlaceBonn
gi.citation.startPage107
gi.conference.date25.-27. April 2018
gi.conference.locationKonstanz, Germany
gi.conference.sessiontitleWissenschaftliche Beiträge

Dateien

Originalbündel
1 - 1 von 1
Vorschaubild
Name:
sicherheit2018-08.pdf
Größe:
244.63 KB
Format:
Adobe Portable Document Format
Herunterladen

Sammlungen

P281 - Sicherheit 2018 - Sicherheit, Schutz und Zuverlässigkeit