Bibliography

1

Martín Abadi and Luca Cardelli.
A Theory of Objects.
Springer, 1996.

2

Lamagra Argamal. ``ftpd: the advisory version.'' bugtraq mailing list, 23 June 2000. http://www.securityfocus.comarchive166544.

3

Todd M. Austin, Scott E. Breach, and Gurindar S. Sohi. ``Efficient Detection of All Pointer and Array Access Errors.'' In Proceedings of the ACM SIGPLAN '94 Conference on Programming Language Design and Implementation, June 1994.

4

Christophe Bailleux. ``Asynchro,'' bugtraq mailing list, 8 December 2000. http://www.securityfocus.comarchive1149977.

5

D.J. Bernstein, ``Re: Logging question.'' qmail mailing list, 13 September 1996. http://www.ornl.govitsarchivesmailing-listsqmail199612msg00314.html.

6

K. J. Biba. ``Integrity considerations for secure computer systems.'' Technical Report ESD-TR-76-372, MTR-3153, The MITRE Corporation, USAF Electronic Systems Division, Bedford, MA, April 1977.

7

M. Bishop and M. Dilger. ``Checking for Race Conditions in File Accesses.'' Computing Systems, 9(2):131-152, Spring 1996.

8

CERT Advisory CA-2000-13. ``Two Input Validation Problems in FTPD.'' 7 July 2000.

9

CERT Advisory CA-2000-17, ``Input Validation Problem in rpc.statd.'' 18 August 2000.

10

CERT Incident Note IN-2000-10, ``Widespread Exploitation of rpc.statd and wu-ftpd Vulnerabilities.'' 15 September 2000.

11

CERT Advisory CA-2000-22. ``Input Validation Problems in LPRng.'' 12 December 2000.

12

Satish Chandra and Thomas W. Reps.
``Physical Type Checking for C.''
In Proceedings of the ACM SIGPLAN/SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, Toulouse, France, September 1999. , pages 66-75.

13

Crispin Cowan, Matt Barringer, Steve Beattie, Greg Kroah-Hartman, Mike Frantzen, and Jamie Lokier. ``FormatGuard: Automatic Protection From printf Format String Vulnerabilities.'' This volume.

14

B. A. Davey and H. A. Priestley.
Introduction to Lattices and Order.
Cambridge University Press, 1990.

15

Alan DeKok. ``PScan: A limited problem scanner for C source files.'' Available at http://www.striker.ottawa.on.ca~aland pscan.

16

Martin Elsman, Jeffrey S. Foster, and Alexander Aiken. ``Carillon--a System to Find Y2K Problems in C Programs.'' Available at http://www.cs.berkeley.eduResearchAikencarillondoc.ps.gz.

17

Dawson Engler, Benjamin Chelf, Andy Chou, and Seth Hallem. ``Checking System Rules Using System-Specific, Programmer-Written Compiler Extensions.'' In Proceedings of the Fourth Symposium on Operating Systems Design and Implementation, San Diego, CA, October 2000.

18

David Evans.
``Static Detection of Dynamic Memory Errors.''
Proceedings of the 1996 ACM SIGPLAN Conference on Programming Language Design and Implementation, Philadelphia, Pennsylvania, May 1996, pages 44-53.

19

Jeffrey S. Foster, Manuel Fähndrich, and Alexander Aiken. ``A Theory of Type Qualifiers.'' In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI'99), Atlanta, Georgia, May 1999.

20

Christopher Harrelson. ``Program Analysis Mode.'' http://www.cs.berkeley.edu~chrishtrpam.

21

Fritz Henglein and Jakob Rehof.
``The Complexity of Subtype Entailment for Simple Types.''
In Proceedings, Twelfth Annual IEEE Symposium on Logic in Computer Science, Warsaw, Poland, July 1997, pages 352-361.

22

Maxime Henrion. ``muh IRC bouncer remote vulnerability.'' FreeBSD Security Advisory FreeBSD-SA-00:57. http:/www.securityfocus.comadvisories2741.

23

Maxime Henrion. ``format string bug in muh.'' bugtraq mailing list, 09 September 2000. http://www.securityfocus.comarchive181367.

24

Jarno Huuskonen. ``Some possible format string errors.'' Linux Security Audit Project mailing list, 25 September 2000. http://www2.merton.ox.ac.uk~securitysecurity-audit-2000090118.html.

25

Jarno Huuskonen. ``syslog(prio, buf) in mars_nwe.'' Linux Security Audit Project mailing list, 27 September 2000. http://www2.merton.ox.ac.uk~securitysecurity-audit-2000090136.html.

26

K. Rustan M. Leino and Greg Nelson. ``An Extended Static Checker for Modula-3.'' In Kai Koskimies, editor, Compiler Construction: 7th International Conference, CC'98, volume 1383 of Lecture Notes in Computer Science, pages 302-305. Springer, April 1998.

27

Robert Lemos. ``Internet worm squirms into Linux servers.'' Special to CNET News.com, 17 January 2001. http://news.cnet.comnews0-1003-200-4508359.html.

28

John C. Mitchell.
Type inference with simple subtypes.
Journal of Functional Programming, 1(3):245-285, July 1991.

29

Andrew C. Myers and Barbara Liskov. ``Protecting Privacy using the Decentralized Label Model.'' ACM Transactions on Software Engineering and Methodology, 9(4), April 2001.

30

Tim Newsham. ``Format String Attacks.'' Guardent, Inc. September 2000. http://www.guardent.comdocsFormatString.PDF.

31

Robert O'Callahan and Daniel Jackson. ``Lackwit: Practical Program Understanding With Type Inference.'' In Proceedings of the 19th International Conference on Software Engineering, pp. 338-348, Boston, Massachusetts, May 1997.

32

Perl Security. http://www.perl.compubdocmanualhtmlpodperlsec.html.

33

Jakob Rehof and Manuel Fähndrich.
``Type-Based Flow Analysis: From Polymorphic Subtyping to CFL-Reachability.''
In Proceedings of the 28th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, London, United Kingdom, January 2001.

34

Tim J. Robbins. libformat. Available at http://box3n.gumbynet.org~fyresoftware.

35

Pekka Savola. ``Very probable remote root vulnerability in cfengine.'' bugtraq mailing list, 1 October 2000. http://www.securityfocus.comarchive1136751.

36

Michael Siff, Satish Chandra, Thomas Ball, Thomas Reps, and Krishna Kunchithapadam. ``Coping With Type Casts in C.'' In ACM Conference on Foundations of Software Engineering (FSE), September 1999.

37

Bjarne Steensgaard.
``Points-to Analysis in Almost Linear Time.''
In Proceedings of the 23rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, St. Petersburg Beach, Florida, January 1996, pages 32-41.

38

John Viega, J.T. Bloch, Tadayoshi Kohno, and Gary McGraw. ``ITS4: A Static Vulnerability Scanner for C and C++ Code.'' In 16th Annual Computer Security Applications Conference (ACSAC 2000), December 2000.

39

D. Volpano, G. Smith, and C. Irvine. ``A sound type system for secure flow analysis.'' Journal of Computer Security, 4(3):1-21, 1996.

40

D. Volpano and G. Smith. ``A type-based approach to program security.'' Proceedings of TAPSOFT'97, Colloqium on Formal Approaches in Software Engineering.

41

David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken. ``A First Step Toward Automated Detection of Buffer Overrun Vulnerabilities.'' In Proceedings of the Network and Distributed System Security Symposium, San Diego, California, February 2000.

42

Larry Wall, Tom Christiansen and Jon Orwant. Programming Perl, 3rd Edition. July 2000. O'Reilly & Associates.

43

``WuFTPD: Providing &sstarf#star;remote&sstarf#star; root since at least 1994,'' bugtraq mailing list, June 23, 2000, http://www.securityfocus.comarchive166367.