Implementation of IO2BO Dynamic Checks

Hi all,

I noticed some recent research by Zhang et al on the insertion of
dynamic checks for integer-overflow-to-buffer-overflow (IO2BO)
vulnerabilities[1]. It looks like Zhang et al's implementation already
happens to use the LLVM framework, and I was wondering if any work has
been done to incorporate a feature like this into the trunk of Clang.

If so, could someone point me to where the code lives in the SVN tree?
If not, is anyone out there on the list doing something similar as a
side-project?

Much thanks,

- --Benjamin Schulz

* * *

[1] Zhang, Chao, Tielie Wang, Tao Wei, Yu Chen, and Wei Zou. "IntPath:
Automatically Fix Integer-Overflow-to-Buffer-Overflow Vulnerability at
Compile-Time". ESORICS 2010.

Hi Ben,

I could be mistaken, but I'm not aware of this work (IntPath) being integrated into Clang mainline, nor efforts from the authors to push it into mainline at this time.

There's a general interest in having work like this pushed back to mainline if (a) the quality of the code is up the standard of the codebase and (b) the work will be maintained after the initial check-in.

Cheers,
Ted