The LSV seminar takes place on Tuesday at 11:00 AM. The usual location is the conference room at Pavillon des Jardins (venue). If you wish to be informed by e-mail about upcoming seminars, please contact Stéphane Le Roux and Matthias Fuegger.
The seminar is open to public and does not require any form of registration.
What You See Is Not What You eXecute: computers
do not execute source-code programs; they execute machine-code programs that are
generated from source code. Not only can the WYSINWYX phenomenon create a
mismatch between what a programmer intends and what is actually executed by the
processor, it can cause analyses that are performed on source code -- which is
the approach followed by most security-analysis tools -- to fail to detect bugs
and security vulnerabilities. To address the WYSINWYX problem, we have developed
algorithms to recover information from stripped executables about the
memory-access operations that the program performs. These algorithms are used in
the CodeSurfer/x86 tool to construct intermediate representations that are used
for browsing, inspecting, and analyzing stripped x86 executables. Recently, this
infrastructure has been used to create a tool for looking for bugs in stripped
device-driver executables.
Joint work with G. Balakrishnan (UW), J. Lim (UW),
and T. Teitelbaum (Cornell and GrammaTech, Inc.).