Next: 4.1 Leaf Polymorphism
Up: Detecting Format String Vulnerabilities
In Section 2 we described the basic workings of the
cqual tool. In this section we discuss extensions to make the
basic tool sound in the presence of type casts and variable argument
functions, and to decrease false positives by using the programmer's
knowledge about the program being analyzed.
4 Finding Format String Bugs